Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 9.0.10Report Generated On : Wed, 1 May 2024 16:59:38 -0400Dependencies Scanned : 478 (469 unique)Vulnerable Dependencies : 37 Vulnerabilities Found : 78Vulnerabilities Suppressed : 1 (show )... NVD API Last Checked : 2024-05-01T16:40:42-04NVD API Last Modified : 2024-05-01T20:15:12ZSummary Display:
Showing Vulnerable Dependencies (click to show all) * indicates the dependency has a known exploited vulnerability
HdrHistogram-2.1.12.jar JavaEWAH-1.2.3.jarDescription:
The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme. License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.googlecode.javaewah/JavaEWAH/1.2.3/13a27c856e0c8808cee9a64032c58eee11c3adc9/JavaEWAH-1.2.3.jar
MD5: 8fdeda28c1fb10e67b3d79f86bef5e61
SHA1: 13a27c856e0c8808cee9a64032c58eee11c3adc9
SHA256: d65226949713c4c61a784f41c51167e7b0316f93764398ebba9e4336b3d954c2
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath JavaEWAH-1.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name JavaEWAH High Vendor gradle artifactid JavaEWAH Highest Vendor gradle groupid com.googlecode.javaewah Highest Vendor jar package name bitset Highest Vendor jar package name googlecode Highest Vendor jar package name javaewah Highest Vendor Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Vendor Manifest multi-release true Low Vendor pom artifactid JavaEWAH Low Vendor pom developer email lemire@gmail.com Low Vendor pom developer id lemire Medium Vendor pom developer name Daniel Lemire Medium Vendor pom developer org LICEF Research Center Medium Vendor pom developer org URL http://licef.ca Medium Vendor pom groupid com.googlecode.javaewah Highest Vendor pom name JavaEWAH High Vendor pom url lemire/javaewah Highest Product file name JavaEWAH High Product gradle artifactid JavaEWAH Highest Product jar package name bitset Highest Product jar package name googlecode Highest Product jar package name javaewah Highest Product Manifest Bundle-Name JavaEWAH Medium Product Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Product Manifest multi-release true Low Product pom artifactid JavaEWAH Highest Product pom developer email lemire@gmail.com Low Product pom developer id lemire Low Product pom developer name Daniel Lemire Low Product pom developer org LICEF Research Center Low Product pom developer org URL http://licef.ca Low Product pom groupid com.googlecode.javaewah Highest Product pom name JavaEWAH High Product pom url lemire/javaewah High Version file version 1.2.3 High Version gradle version 1.2.3 Highest Version Manifest Bundle-Version 1.2.3 High Version pom version 1.2.3 Highest
LatencyUtils-2.0.3.jar accessors-smart-2.5.0.jar activej-bytebuf-4.3-r4.jarDescription:
Fast and memory-efficient byte buffer, an optimized version of Java's ByteBuffer class.
Useful for fast low-level I/O operations like working with files or transferring data over the internet.
File Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/activej-bytebuf/4.3-r4/activej-bytebuf-4.3-r4.jarMD5: ee1c6b0169f226231df1e3e7b9e1f441SHA1: 7d0b8093bde9f26cf38a38d24f095c5f739c7975SHA256: 461cc9acedca31467e43de9d240c3776c1a9ebd7384084959de95e5adda6adc8Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath activej-bytebuf-4.3-r4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name activej-bytebuf High Vendor gradle artifactid activej-bytebuf Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name activej Highest Vendor jar package name bytebuf Highest Vendor jar package name io Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid activej-bytebuf Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom groupid io.activej Highest Vendor pom name ActiveJ : ByteBuf High Vendor pom name Activej Bytebuf High Vendor pom parent-artifactid activej Low Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name activej-bytebuf High Product gradle artifactid activej-bytebuf Highest Product jar package name activej Highest Product jar package name bytebuf Highest Product jar package name io Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid activej-bytebuf Highest Product pom groupid dev.ikm.jpms Highest Product pom groupid io.activej Highest Product pom name ActiveJ : ByteBuf High Product pom name Activej Bytebuf High Product pom parent-artifactid activej Medium Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
activej-common-4.3-r2.jarDescription:
Module containing various general utilities for ActiveJ project.
File Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/activej-common/4.3-r2/activej-common-4.3-r2.jarMD5: 5750ab1ca2a12cad622d5b5d5641490dSHA1: d5a44cfde7d470bce8ce511ca9607a2c488d062eSHA256: a588d06233f728e53b27705ae2628cb418399a1dce6f2efd80e26e756b55ced8Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath activej-common-4.3-r2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name activej-common High Vendor gradle artifactid activej-common Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name activej Highest Vendor jar package name common Highest Vendor jar package name io Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid activej-common Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom groupid io.activej Highest Vendor pom name ActiveJ : Util : Common High Vendor pom name Activej Common High Vendor pom parent-artifactid activej Low Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name activej-common High Product gradle artifactid activej-common Highest Product jar package name activej Highest Product jar package name common Highest Product jar package name io Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid activej-common Highest Product pom groupid dev.ikm.jpms Highest Product pom groupid io.activej Highest Product pom name ActiveJ : Util : Common High Product pom name Activej Common High Product pom parent-artifactid activej Medium Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.3.0 Highest
android-json-0.0.20131108.vaadin1.jar angus-activation-2.0.2.jarDescription:
Implementation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.eclipse.angus/angus-activation/2.0.2/41f1e0ddd157c856926ed149ab837d110955a9fc/angus-activation-2.0.2.jar
MD5: 42bba74155dc773eca277ee7a16f74be
SHA1: 41f1e0ddd157c856926ed149ab837d110955a9fc
SHA256: 6dd3bcffc22bce83b07376a0e2e094e4964a3195d4118fb43e380ef35436cc1e
Referenced In Projects/Scopes: opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath angus-activation-2.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name angus-activation High Vendor gradle artifactid angus-activation Highest Vendor gradle groupid org.eclipse.angus Highest Vendor jar package name activation Highest Vendor jar package name angus Highest Vendor jar package name eclipse Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname angus-activation Medium Vendor Manifest extension-name org.eclipse.angus Medium Vendor Manifest implementation-build-id 2.0.2-RELEASE-c08e320 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MailcapRegistryProvider",osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MimeTypeRegistryProvider" Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid angus-activation Low Vendor pom groupid org.eclipse.angus Highest Vendor pom name Angus Activation Registries High Vendor pom parent-artifactid angus-activation-project Low Product file name angus-activation High Product gradle artifactid angus-activation Highest Product jar package name activation Highest Product jar package name angus Highest Product jar package name eclipse Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Angus Activation Registries Medium Product Manifest bundle-symbolicname angus-activation Medium Product Manifest extension-name org.eclipse.angus Medium Product Manifest implementation-build-id 2.0.2-RELEASE-c08e320 Low Product Manifest Implementation-Title Angus Activation Registries High Product Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MailcapRegistryProvider",osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MimeTypeRegistryProvider" Low Product Manifest specification-title Jakarta Activation Specification Medium Product pom artifactid angus-activation Highest Product pom groupid org.eclipse.angus Highest Product pom name Angus Activation Registries High Product pom parent-artifactid angus-activation-project Medium Version file version 2.0.2 High Version gradle version 2.0.2 Highest Version Manifest Bundle-Version 2.0.2 High Version pom version 2.0.2 Highest
animal-sniffer-annotations-1.23.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.codehaus.mojo/animal-sniffer-annotations/1.23/3c0daebd5f0e1ce72cc50c818321ac957aeb5d70/animal-sniffer-annotations-1.23.jarMD5: 13729ebd1fbdddc25d7feb7694d3028dSHA1: 3c0daebd5f0e1ce72cc50c818321ac957aeb5d70SHA256: 9ffe526bf43a6348e9d8b33b9cd6f580a7f5eed0cf055913007eda263de974d0Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath animal-sniffer-annotations-1.23.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name animal-sniffer-annotations High Vendor gradle artifactid animal-sniffer-annotations Highest Vendor gradle groupid org.codehaus.mojo Highest Vendor jar package name codehaus Highest Vendor jar package name mojo Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid animal-sniffer-annotations Low Vendor pom groupid org.codehaus.mojo Highest Vendor pom name Animal Sniffer Annotations High Vendor pom parent-artifactid animal-sniffer-parent Low Product file name animal-sniffer-annotations High Product gradle artifactid animal-sniffer-annotations Highest Product jar package name codehaus Highest Product jar package name mojo Highest Product Manifest build-jdk-spec 17 Low Product pom artifactid animal-sniffer-annotations Highest Product pom groupid org.codehaus.mojo Highest Product pom name Animal Sniffer Annotations High Product pom parent-artifactid animal-sniffer-parent Medium Version file version 1.23 High Version gradle version 1.23 Highest Version pom version 1.23 Highest
annotations-2.0.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.code.findbugs/annotations/2.0.1/9ef6656259841cebfb9fb0697bb122ada4485498/annotations-2.0.1.jarMD5: 35ef911c85603829ded63f211feb2d68SHA1: 9ef6656259841cebfb9fb0697bb122ada4485498SHA256: 893b2203a27e4a8ba9d16cd6ed6e9f730736b4878a6bfffeff06861f32e6631bReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath opencdx-helloworld:compileClasspath annotations-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor gradle artifactid annotations Highest Vendor gradle groupid com.google.code.findbugs Highest Vendor jar package name annotation Low Vendor jar package name javax Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname findbugsAnnotations Medium Product file name annotations High Product gradle artifactid annotations Highest Product jar package name annotation Low Product Manifest Bundle-Name FindbugsAnnotations Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname findbugsAnnotations Medium Version file name annotations Medium Version file version 2.0.1 High Version gradle version 2.0.1 Highest Version Manifest Bundle-Version 2.0.0 High
annotations-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/annotations/2.16/18e4085f0af79606bd112f83a8e5d06c502174d1/annotations-2.16.jarMD5: cbdff6ae4ec34b6e559ab4130fc84a5eSHA1: 18e4085f0af79606bd112f83a8e5d06c502174d1SHA256: c842c3657f18dc550f1554aec31b629a740f9a73874e1d4c7c1166b8922fe708Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 annotations-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor gradle artifactid annotations Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid annotations Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name annotations High Product gradle artifactid annotations Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title annotations High Product pom artifactid annotations Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
annotations-3.0.1.jar (shaded: com.google.code.findbugs:jsr305:3.0.1)Description:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.code.findbugs/annotations/3.0.1/fc019a2216218990d64dfe756e7aa20f0069dea2/annotations-3.0.1.jar/META-INF/maven/com.google.code.findbugs/jsr305/pom.xml
MD5: d08567d16867a0b79bc8149683918452
SHA1: d04690f71f3393e23f30998d9534365274fa5f9f
SHA256: 4170a761dc5bfd3981a8e6f7aab9e2acdce82d34fd5aa9bb11e3c090d25314ce
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version pom version 3.0.1 Highest
annotations-3.0.1.jarDescription:
Annotation the FindBugs tool supports License:
GNU Lesser Public License: http://www.gnu.org/licenses/lgpl.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.code.findbugs/annotations/3.0.1/fc019a2216218990d64dfe756e7aa20f0069dea2/annotations-3.0.1.jar
MD5: fc4f102f22ba4f1df3f1d7cc6b202152
SHA1: fc019a2216218990d64dfe756e7aa20f0069dea2
SHA256: 6b47ff0a6de0ce17cbedc3abb0828ca5bce3009d53ea47b3723ff023c4742f79
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath annotations-3.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor gradle artifactid annotations Highest Vendor gradle groupid com.google.code.findbugs Highest Vendor jar package name annotation Highest Vendor jar package name annotations Highest Vendor jar package name findbugs Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname findbugsAnnotations Medium Vendor pom artifactid annotations Low Vendor pom developer email Loskutov@gmx.de Low Vendor pom developer email pugh at cs.umd.edu Low Vendor pom developer id al Medium Vendor pom developer id bp Medium Vendor pom developer name Andrey Loskutov Medium Vendor pom developer name Bill Pugh Medium Vendor pom developer name Keith Lea Medium Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-Annotations High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name annotations High Product gradle artifactid annotations Highest Product jar package name annotation Highest Product jar package name annotations Highest Product jar package name findbugs Highest Product Manifest Bundle-Name FindBugs-Annotations Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname findbugsAnnotations Medium Product pom artifactid annotations Highest Product pom developer email Loskutov@gmx.de Low Product pom developer email pugh at cs.umd.edu Low Product pom developer id al Low Product pom developer id bp Low Product pom developer name Andrey Loskutov Low Product pom developer name Bill Pugh Low Product pom developer name Keith Lea Low Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-Annotations High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.1 High Version gradle version 3.0.1 Highest Version Manifest Bundle-Version 3.0.1 High Version pom version 3.0.1 Highest
annotations-4.1.1.4.jarDescription:
A library jar that provides annotations for the Google Android Platform. License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.android/annotations/4.1.1.4/a1678ba907bf92691d879fef34e1a187038f9259/annotations-4.1.1.4.jar
MD5: c2cdd26a6ae577f24775e8ce75da1fdc
SHA1: a1678ba907bf92691d879fef34e1a187038f9259
SHA256: ba734e1e84c09d615af6a09d33034b4f0442f8772dec120efb376d86a565ae15
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath annotations-4.1.1.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name annotations High Vendor gradle artifactid annotations Highest Vendor gradle groupid com.google.android Highest Vendor jar package name android Highest Vendor jar package name android Low Vendor jar package name annotation Low Vendor pom artifactid annotations Low Vendor pom developer name The Android Open Source Projects Medium Vendor pom groupid com.google.android Highest Vendor pom name Google Android Annotations Library High Vendor pom url http://source.android.com/ Highest Product file name annotations High Product gradle artifactid annotations Highest Product jar package name android Highest Product jar package name annotation Low Product pom artifactid annotations Highest Product pom developer name The Android Open Source Projects Low Product pom groupid com.google.android Highest Product pom name Google Android Annotations Library High Product pom url http://source.android.com/ Medium Version file version 4.1.1.4 High Version gradle version 4.1.1.4 Highest Version pom version 4.1.1.4 Highest
antlr-2.7.7.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/antlr/antlr/2.7.7/83cd2cd674a217ade95a4bb83a8a14f351f48bd0/antlr-2.7.7.jarMD5: f8f1352c52a4c6a500b597596501fc64SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0SHA256: 88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4cReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath antlr-2.7.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name antlr High Vendor gradle artifactid antlr Highest Vendor gradle groupid antlr Highest Vendor jar package name antlr Low Product file name antlr High Product gradle artifactid antlr Highest Version file name antlr Medium Version file version 2.7.7 High Version gradle version 2.7.7 Highest
antlr-runtime-3.4.jarDescription:
A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions. File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.antlr/antlr-runtime/3.4/8f011408269a8e42b8548687e137d8eeb56df4b4/antlr-runtime-3.4.jarMD5: 0e0318be407e51fdf7ba6777eabfdf73SHA1: 8f011408269a8e42b8548687e137d8eeb56df4b4SHA256: 5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath antlr-runtime-3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name antlr-runtime High Vendor gradle artifactid antlr-runtime Highest Vendor gradle groupid org.antlr Highest Vendor jar package name antlr Highest Vendor jar package name antlr Low Vendor jar package name runtime Highest Vendor jar package name runtime Low Vendor pom artifactid antlr-runtime Low Vendor pom developer email jimi@temporal-wave.com Low Vendor pom developer email parrt@antlr.org Low Vendor pom developer name Jim Idle Medium Vendor pom developer name Terence Parr Medium Vendor pom developer org Temporal Wave LLC Medium Vendor pom developer org USFCA Medium Vendor pom developer org URL http://www.cs.usfca.edu Medium Vendor pom developer org URL http://www.temporal-wave.com Medium Vendor pom groupid org.antlr Highest Vendor pom name Antlr 3.4 Runtime High Vendor pom parent-artifactid antlr-master Low Vendor pom url http://www.antlr.org Highest Product file name antlr-runtime High Product gradle artifactid antlr-runtime Highest Product jar package name antlr Highest Product jar package name runtime Highest Product jar package name runtime Low Product pom artifactid antlr-runtime Highest Product pom developer email jimi@temporal-wave.com Low Product pom developer email parrt@antlr.org Low Product pom developer name Jim Idle Low Product pom developer name Terence Parr Low Product pom developer org Temporal Wave LLC Low Product pom developer org USFCA Low Product pom developer org URL http://www.cs.usfca.edu Low Product pom developer org URL http://www.temporal-wave.com Low Product pom groupid org.antlr Highest Product pom name Antlr 3.4 Runtime High Product pom parent-artifactid antlr-master Medium Product pom url http://www.antlr.org Medium Version file version 3.4 High Version gradle version 3.4 Highest Version pom version 3.4 Highest
any-language-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/any-language/2.16/b17ad655e100e9526abb71251fe3b3fd367a5dc3/any-language-2.16.jarMD5: f8f6640cb78e224c1d79fae7bf07723dSHA1: b17ad655e100e9526abb71251fe3b3fd367a5dc3SHA256: 76ae4f7e2f77a94a697833043d98ade808303eb41e39673dffb3a72c6e477089Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 any-language-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name any-language High Vendor gradle artifactid any-language Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid any-language Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name any-language High Product gradle artifactid any-language Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title any-language High Product pom artifactid any-language Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
aopalliance-1.0.jar aopalliance-repackaged-3.0.5.jarDescription:
Dependency Injection Kernel License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2.external/aopalliance-repackaged/3.0.5/6a77d3f22a1423322226bff412177addc936b38f/aopalliance-repackaged-3.0.5.jar
MD5: 6ede2eee8fdc86fed0a5046ddbcd0cdd
SHA1: 6a77d3f22a1423322226bff412177addc936b38f
SHA256: 433e4b8292064c96625eee2106eb2fd7fc50b839c2f0742977563331ad9d5935
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath aopalliance-repackaged-3.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name aopalliance-repackaged High Vendor gradle artifactid aopalliance-repackaged Highest Vendor gradle groupid org.glassfish.hk2.external Highest Vendor jar package name aopalliance Highest Vendor Manifest automatic-module-name org.aopalliance Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.external.aopalliance-repackaged Medium Vendor pom artifactid aopalliance-repackaged Low Vendor pom groupid org.glassfish.hk2.external Highest Vendor pom name aopalliance version repackaged as a module High Vendor pom parent-artifactid external Low Vendor pom parent-groupid org.glassfish.hk2 Medium Product file name aopalliance-repackaged High Product gradle artifactid aopalliance-repackaged Highest Product jar package name aopalliance Highest Product Manifest automatic-module-name org.aopalliance Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name aopalliance version 1.0 repackaged as a module Medium Product Manifest bundle-symbolicname org.glassfish.hk2.external.aopalliance-repackaged Medium Product pom artifactid aopalliance-repackaged Highest Product pom groupid org.glassfish.hk2.external Highest Product pom name aopalliance version repackaged as a module High Product pom parent-artifactid external Medium Product pom parent-groupid org.glassfish.hk2 Medium Version file version 3.0.5 High Version gradle version 3.0.5 Highest Version Manifest Bundle-Version 3.0.5 High Version pom version 3.0.5 Highest
apiguardian-api-1.1.2.jarDescription:
@API Guardian File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apiguardian/apiguardian-api/1.1.2/a231e0d844d2721b0fa1b238006d15c6ded6842a/apiguardian-api-1.1.2.jarMD5: 8c7de3f82037fa4a2e8be2a2f13092afSHA1: a231e0d844d2721b0fa1b238006d15c6ded6842aSHA256: b509448ac506d607319f182537f0b35d71007582ec741832a1f111e5b5b70b38Referenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-audit:compileClasspath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-helloworld:compileClasspath opencdx-admin:compileClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath apiguardian-api-1.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 Evidence Type Source Name Value Confidence Vendor file name apiguardian-api High Vendor gradle artifactid apiguardian-api Highest Vendor gradle groupid org.apiguardian Highest Vendor jar package name api Low Vendor jar package name apiguardian Highest Vendor jar package name apiguardian Low Vendor Manifest build-date 2021-06-27 Low Vendor Manifest build-revision aa952a1b9d5b4e9cc0af853e2c140c2455b397be Low Vendor Manifest build-time 14:53:10.089+0200 Low Vendor Manifest bundle-docurl https://github.com/apiguardian-team/apiguardian Low Vendor Manifest bundle-symbolicname org.apiguardian.api Medium Vendor Manifest Implementation-Vendor apiguardian.org High Vendor Manifest specification-vendor apiguardian.org Low Product file name apiguardian-api High Product gradle artifactid apiguardian-api Highest Product jar package name api Highest Product jar package name api Low Product jar package name apiguardian Highest Product Manifest build-date 2021-06-27 Low Product Manifest build-revision aa952a1b9d5b4e9cc0af853e2c140c2455b397be Low Product Manifest build-time 14:53:10.089+0200 Low Product Manifest bundle-docurl https://github.com/apiguardian-team/apiguardian Low Product Manifest Bundle-Name apiguardian-api Medium Product Manifest bundle-symbolicname org.apiguardian.api Medium Product Manifest Implementation-Title apiguardian-api High Product Manifest specification-title apiguardian-api Medium Version file version 1.1.2 High Version Manifest Implementation-Version 1.1.2 High
asm-9.3.jar asm-9.4.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm/9.4/b4e0e2d2e023aa317b7cfcfc916377ea348e07d1/asm-9.4.jar
MD5: ffa64f03a23a4823d98703e6ce6ff397
SHA1: b4e0e2d2e023aa317b7cfcfc916377ea348e07d1
SHA256: 39d0e2b3dc45af65a09b097945750a94a126e052e124f93468443a1d0e15f381
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 asm-9.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name asm High Vendor gradle artifactid asm Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Product file name asm High Product gradle artifactid asm Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Version file version 9.4 High Version Manifest Implementation-Version 9.4 High
asm-9.5.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm/9.5/dc6ea1875f4d64fbc85e1691c95b96a3d8569c90/asm-9.5.jar
MD5: 29721ee4b5eacf0a34b204c345c8bc69
SHA1: dc6ea1875f4d64fbc85e1691c95b96a3d8569c90
SHA256: b62e84b5980729751b0458c534cf1366f727542bb8d158621335682a460f0353
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt asm-9.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 Evidence Type Source Name Value Confidence Vendor file name asm High Vendor gradle artifactid asm Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Product file name asm High Product gradle artifactid asm Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Version file version 9.5 High Version Manifest Implementation-Version 9.5 High
asm-commons-9.5.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-commons/9.5/19ab5b5800a3910d30d3a3e64fdb00fd0cb42de0/asm-commons-9.5.jar
MD5: 7d1fce986192f71722b19754e4cb9e61
SHA1: 19ab5b5800a3910d30d3a3e64fdb00fd0cb42de0
SHA256: 72eee9fbafb9de8d9463f20dd584a48ceeb7e5152ad4c987bfbe17dd4811c9ae
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt asm-commons-9.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 Evidence Type Source Name Value Confidence Vendor file name asm-commons High Vendor gradle artifactid asm-commons Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name commons Highest Vendor jar package name commons Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.commons Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Product file name asm-commons High Product gradle artifactid asm-commons Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name commons Highest Product jar package name commons Low Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.commons Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.commons Medium Product Manifest Implementation-Title Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true Low Version file version 9.5 High Version Manifest Implementation-Version 9.5 High
asm-tree-9.5.jarLicense:
BSD-3-Clause;link=https://asm.ow2.io/LICENSE.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.ow2.asm/asm-tree/9.5/fd33c8b6373abaa675be407082fdfda35021254a/asm-tree-9.5.jar
MD5: 44755681b7d6fa7143afbb438e55c20c
SHA1: fd33c8b6373abaa675be407082fdfda35021254a
SHA256: 3c33a648191079aeaeaeb7c19a49b153952f9e40fe86fbac5205554ddd9acd94
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt asm-tree-9.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 Evidence Type Source Name Value Confidence Vendor file name asm-tree High Vendor gradle artifactid asm-tree Highest Vendor gradle groupid org.ow2.asm Highest Vendor jar package name asm Highest Vendor jar package name asm Low Vendor jar package name objectweb Highest Vendor jar package name objectweb Low Vendor jar package name tree Highest Vendor jar package name tree Low Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.tree Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true Low Product file name asm-tree High Product gradle artifactid asm-tree Highest Product jar package name asm Highest Product jar package name asm Low Product jar package name objectweb Highest Product jar package name tree Highest Product jar package name tree Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.tree Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm.tree Medium Product Manifest Implementation-Title Tree API of ASM, a very small and fast Java bytecode manipulation framework High Product Manifest module-requires org.objectweb.asm;transitive=true Low Version file version 9.5 High Version Manifest Implementation-Version 9.5 High
aspectjweaver-1.9.21.jar assertj-core-3.24.2.jarDescription:
Rich and fluent assertions for testing in Java License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.assertj/assertj-core/3.24.2/ebbf338e33f893139459ce5df023115971c2786f/assertj-core-3.24.2.jar
MD5: b596a91049e6ce526bc5595c1bebea2c
SHA1: ebbf338e33f893139459ce5df023115971c2786f
SHA256: df3d0b348f1fe806bdddcb10fa4ae63c6679e9888d4bc7055f09848517976aa3
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath assertj-core-3.24.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name assertj-core High Vendor gradle artifactid assertj-core Highest Vendor gradle groupid org.assertj Highest Vendor jar package name assertions Highest Vendor jar package name assertj Highest Vendor jar package name core Highest Vendor Manifest bundle-developers joel-costigliola;email="joel.costigliola at gmail.com";name="Joel Costigliola";roles="Owner,Developer",scordio;name="Stefano Cordio";roles=Developer,PascalSchumacher;name="Pascal Schumacher";roles=Developer,epeee;name="Erhard Pointl";roles=Developer,croesch;name="Christian Rösch";roles=Developer,VanRoy;name="Julien Roy";roles=Developer,regis1512;name="Régis Pouiller";roles=Developer,fbiville;name="Florent Biville";roles=Developer,Patouche;name="Patrick Allain";roles=Developer Low Vendor Manifest bundle-docurl https://assertj.github.io/doc/#assertj-core Low Vendor Manifest bundle-symbolicname assertj-core Medium Vendor Manifest multi-release true Low Vendor pom artifactid assertj-core Low Vendor pom groupid org.assertj Highest Vendor pom name AssertJ Core High Vendor pom parent-artifactid assertj-parent Low Vendor pom url # Highest Product file name assertj-core High Product gradle artifactid assertj-core Highest Product jar package name assertions Highest Product jar package name assertj Highest Product jar package name core Highest Product Manifest bundle-developers joel-costigliola;email="joel.costigliola at gmail.com";name="Joel Costigliola";roles="Owner,Developer",scordio;name="Stefano Cordio";roles=Developer,PascalSchumacher;name="Pascal Schumacher";roles=Developer,epeee;name="Erhard Pointl";roles=Developer,croesch;name="Christian Rösch";roles=Developer,VanRoy;name="Julien Roy";roles=Developer,regis1512;name="Régis Pouiller";roles=Developer,fbiville;name="Florent Biville";roles=Developer,Patouche;name="Patrick Allain";roles=Developer Low Product Manifest bundle-docurl https://assertj.github.io/doc/#assertj-core Low Product Manifest Bundle-Name AssertJ Core Medium Product Manifest bundle-symbolicname assertj-core Medium Product Manifest multi-release true Low Product pom artifactid assertj-core Highest Product pom groupid org.assertj Highest Product pom name AssertJ Core High Product pom parent-artifactid assertj-parent Medium Product pom url # Medium Version file version 3.24.2 High Version gradle version 3.24.2 Highest Version Manifest Bundle-Version 3.24.2 High Version pom version 3.24.2 Highest
attoparser-2.0.7.RELEASE.jarDescription:
Powerful, fast and easy to use HTML and XML parser for Java License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.attoparser/attoparser/2.0.7.RELEASE/e5d0e988d9124139d645bb5872b24dfa23e283cc/attoparser-2.0.7.RELEASE.jar
MD5: fd09ceba7061e05460e74e0e1e64f233
SHA1: e5d0e988d9124139d645bb5872b24dfa23e283cc
SHA256: 75dd1c045492bff8e1963aabb28bfe903c2064e11e27fe2f0f0aff1ad3d84476
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-communications:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-communications:compileClasspath attoparser-2.0.7.RELEASE.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 Evidence Type Source Name Value Confidence Vendor file name attoparser High Vendor gradle artifactid attoparser Highest Vendor gradle groupid org.attoparser Highest Vendor jar package name attoparser Highest Vendor jar package name attoparser Low Vendor Manifest automatic-module-name attoparser Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://www.attoparser.org Low Vendor Manifest bundle-symbolicname org.attoparser Medium Vendor Manifest implementation-url https://www.attoparser.org Low Vendor Manifest Implementation-Vendor The ATTOPARSER team High Vendor Manifest Implementation-Vendor-Id org.attoparser Medium Vendor Manifest specification-vendor The ATTOPARSER team Low Product file name attoparser High Product gradle artifactid attoparser Highest Product jar package name attoparser Highest Product Manifest automatic-module-name attoparser Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://www.attoparser.org Low Product Manifest Bundle-Name attoparser Medium Product Manifest bundle-symbolicname org.attoparser Medium Product Manifest Implementation-Title attoparser High Product Manifest implementation-url https://www.attoparser.org Low Product Manifest specification-title attoparser Medium Version file version 2.0.7.release High Version Manifest Implementation-Version 2.0.7.RELEASE High
auto-service-1.0.1-r3.jar (shaded: com.google.auto.service:auto-service-annotations:1.0.1)Description:
Provider-configuration files for ServiceLoader.
File Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/auto-service/1.0.1-r3/auto-service-1.0.1-r3.jar/META-INF/maven/com.google.auto.service/auto-service-annotations/pom.xmlMD5: fc9973fa2769d6d345026b3044f86274SHA1: 32648769d404dad4bada776b2d4537d1e0e25c38SHA256: e9bbf1b3d66ca18004a6a07a20dbfa10ca2ce8367348f741de2fe8fefce68cc2Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid auto-service-annotations Low Vendor pom groupid com.google.auto.service Highest Vendor pom name AutoService High Vendor pom parent-artifactid auto-service-aggregator Low Vendor pom url google/auto/tree/master/service Highest Product pom artifactid auto-service-annotations Highest Product pom groupid com.google.auto.service Highest Product pom name AutoService High Product pom parent-artifactid auto-service-aggregator Medium Product pom url google/auto/tree/master/service High Version pom version 1.0.1 Highest
auto-service-1.0.1-r3.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/auto-service/1.0.1-r3/auto-service-1.0.1-r3.jarMD5: c2b2e877fea407ee880c6d6ec378bf46SHA1: 69880a256fc329fedec226f77db0823964fd0500SHA256: edefaf3a0d5c97f3a473fd425437a59f367223b06c67d18cd2e2d576ca8e88e0Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath auto-service-1.0.1-r3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name auto-service High Vendor gradle artifactid auto-service Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name auto Highest Vendor jar package name service Highest Vendor Manifest build-jdk-spec 20 Low Vendor pom artifactid auto-service Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom name Auto service High Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name auto-service High Product gradle artifactid auto-service Highest Product jar package name auto Highest Product jar package name service Highest Product Manifest build-jdk-spec 20 Low Product pom artifactid auto-service Highest Product pom groupid dev.ikm.jpms Highest Product pom name Auto service High Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
awaitility-4.2.0.jar bcprov-jdk18on-1.74.jar bootstrap.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/bootstrap/dist/js/bootstrap.min.jsMD5: 5869c96cc8f19086aee625d670d741f9SHA1: 430a443d74830fe9be26efca431f448c1b3740f9SHA256: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486efReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence Vendor file name bootstrap High Product file name bootstrap High Version file version 3.3.7 High
CVE-2016-10735 suppress
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (excluding) 3.4.0 cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:* CVE-2018-14041 suppress
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2 cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:* CVE-2018-14042 suppress
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2 cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:* CVE-2018-20676 suppress
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 CVE-2018-20677 suppress
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 CVE-2019-8331 suppress
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
cve@mitre.org - ISSUE_TRACKING,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - VENDOR_ADVISORY info - https://github.com/advisories/GHSA-9v3m-8fp8-mj99 info - https://github.com/twbs/bootstrap/issues/28236 Vulnerable Software & Versions (NVD):
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1 cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4 cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5 cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0 cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.1 cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.3.0; versions up to (excluding) 4.3.1 cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:* cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.19.0 Bootstrap before 4.0.0 is end-of-life and no longer maintained. (RETIREJS) suppress
Bootstrap before 4.0.0 is end-of-life and no longer maintained. Unscored:
References:
brave-5.16.0.jar brave-context-slf4j-5.16.0.jar brave-instrumentation-http-5.16.0.jar brave-propagation-aws-0.23.5.jar bson-4.11.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.mongodb/bson/4.11.1/b88ffb4f994f5fef89084f037bb17f8285aaa925/bson-4.11.1.jarMD5: 5c73f367d2e1e9e9a83ad6c8467956a8SHA1: b88ffb4f994f5fef89084f037bb17f8285aaa925SHA256: d6590dbb96826812f9d1eb4a8f309f2bfb58f99ea773807e35cb92d50b7e2d30Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath bson-4.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name bson High Vendor gradle artifactid bson Highest Vendor gradle groupid org.mongodb Highest Vendor jar package name bson Highest Vendor jar package name bson Low Vendor Manifest automatic-module-name org.mongodb.bson Medium Vendor Manifest bundle-symbolicname org.mongodb.bson Medium Product file name bson High Product gradle artifactid bson Highest Product jar package name bson Highest Product Manifest automatic-module-name org.mongodb.bson Medium Product Manifest Bundle-Name bson Medium Product Manifest bundle-symbolicname org.mongodb.bson Medium Version file name bson Medium Version file version 4.11.1 High Version gradle version 4.11.1 Highest Version Manifest build-version 4.11.1 Medium Version Manifest Bundle-Version 4.11.1 High
bson-record-codec-4.11.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.mongodb/bson-record-codec/4.11.1/d7c145266733ead62fa55883b83840931f6eefe5/bson-record-codec-4.11.1.jarMD5: 687032b466e27b1723235f977a337be2SHA1: d7c145266733ead62fa55883b83840931f6eefe5SHA256: aec28ce1ee0c7b3c599f1965a940093543710e4a36e7df6e7889e1e796a06192Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-helloworld:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath bson-record-codec-4.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name bson-record-codec High Vendor gradle artifactid bson-record-codec Highest Vendor gradle groupid org.mongodb Highest Vendor jar package name bson Highest Vendor jar package name bson Low Vendor jar package name codecs Low Vendor jar package name record Highest Vendor jar package name record Low Vendor Manifest automatic-module-name org.mongodb.bson.record.codec Medium Vendor Manifest bundle-symbolicname org.mongodb.bson-record-codec Medium Product file name bson-record-codec High Product gradle artifactid bson-record-codec Highest Product jar package name bson Highest Product jar package name codecs Low Product jar package name record Highest Product jar package name record Low Product Manifest automatic-module-name org.mongodb.bson.record.codec Medium Product Manifest Bundle-Name bson-record-codec Medium Product Manifest bundle-symbolicname org.mongodb.bson-record-codec Medium Version file name bson-record-codec Medium Version file version 4.11.1 High Version gradle version 4.11.1 Highest Version Manifest build-version 4.11.1 Medium Version Manifest Bundle-Version 4.11.1 High
byte-buddy-1.14.12.jar byte-buddy-agent-1.14.12.jar caffeine-3.1.8.jarDescription:
A high performance caching library License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.ben-manes.caffeine/caffeine/3.1.8/24795585df8afaf70a2cd534786904ea5889c047/caffeine-3.1.8.jar
MD5: b19301179903e8781776397d9923f7c8
SHA1: 24795585df8afaf70a2cd534786904ea5889c047
SHA256: 7dd15f9df1be238ffaa367ce6f556737a88031de4294dad18eef57c474ddf1d3
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath caffeine-3.1.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name caffeine High Vendor gradle artifactid caffeine Highest Vendor gradle groupid com.github.ben-manes.caffeine Highest Vendor jar package name benmanes Highest Vendor jar package name benmanes Low Vendor jar package name caffeine Highest Vendor jar package name caffeine Low Vendor jar package name github Highest Vendor jar package name github Low Vendor Manifest automatic-module-name com.github.benmanes.caffeine Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Product file name caffeine High Product gradle artifactid caffeine Highest Product jar package name benmanes Highest Product jar package name benmanes Low Product jar package name cache Low Product jar package name caffeine Highest Product jar package name caffeine Low Product jar package name github Highest Product Manifest automatic-module-name com.github.benmanes.caffeine Medium Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name com.github.ben-manes.caffeine Medium Product Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Product Manifest Implementation-Title A high performance caching library High Version file version 3.1.8 High Version Manifest Implementation-Version 3.1.8 High
checker-qual-3.33.0.jar checker-qual-3.34.0.jarLicense:
MIT File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.checkerframework/checker-qual/3.34.0/fd620da2920cdb0bfcbcde20e309f75940198ccf/checker-qual-3.34.0.jar
MD5: 8e9c6363624cffa5b6f3324d9155f05b
SHA1: fd620da2920cdb0bfcbcde20e309f75940198ccf
SHA256: 5dd03e83e375bd7a16a5e7ed6aa6128d058639d314ed25daeb7ab74e596326dd
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 checker-qual-3.34.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor gradle artifactid checker-qual Highest Vendor gradle groupid org.checkerframework Highest Vendor jar package name checker Highest Vendor jar package name checker Low Vendor jar package name checkerframework Highest Vendor jar package name checkerframework Low Vendor jar package name qual Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Product file name checker-qual High Product gradle artifactid checker-qual Highest Product jar package name checker Highest Product jar package name checker Low Product jar package name checkerframework Highest Product jar package name qual Highest Product jar package name qual Low Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Version file version 3.34.0 High Version Manifest Implementation-Version 3.34.0 High
checker-qual-3.37.0.jarLicense:
MIT File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.checkerframework/checker-qual/3.37.0/ba74746d38026581c12166e164bb3c15e90cc4ea/checker-qual-3.37.0.jar
MD5: 1ff1eed173ff9d6f208d0a5be8f5623d
SHA1: ba74746d38026581c12166e164bb3c15e90cc4ea
SHA256: e4ce1376cc2735e1dde220b62ad0913f51297704daad155a33f386bc5db0d9f7
Referenced In Projects/Scopes: opencdx-questionnaire:spotless865458226 opencdx-commons:spotless865458226 opencdx-proto:spotless865458226 opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:spotless865458226 opencdx-tinkar:runtimeClasspath opencdx-gateway:spotless865458226 opencdx-config:spotless865458226 opencdx-health:spotless865458226 opencdx-classification:spotless865458226 opencdx-communications:spotless865458226 opencdx-discovery:spotless865458226 OpenCDX:spotless865458226 opencdx-admin:spotless865458226 opencdx-helloworld:spotless865458226 opencdx-iam:spotless865458226 opencdx-tinkar:compileClasspath opencdx-media:spotless865458226 opencdx-client:spotless865458226 opencdx-audit:spotless865458226 opencdx-classification-analyzer:spotless865458226 opencdx-logistics:spotless865458226 checker-qual-3.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor gradle artifactid checker-qual Highest Vendor gradle groupid org.checkerframework Highest Vendor jar package name checker Highest Vendor jar package name checker Low Vendor jar package name checkerframework Highest Vendor jar package name checkerframework Low Vendor jar package name qual Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Product file name checker-qual High Product gradle artifactid checker-qual Highest Product jar package name checker Highest Product jar package name checker Low Product jar package name checkerframework Highest Product jar package name qual Highest Product jar package name qual Low Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Version file version 3.37.0 High Version Manifest Implementation-Version 3.37.0 High
classmate-1.6.0.jar code-cleaners-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/code-cleaners/2.16/e3cd56195cd503b6a51b3a456800e3e47176569/code-cleaners-2.16.jarMD5: 1d5e9db5def36ae8950f3d6f266ceed6SHA1: 0e3cd56195cd503b6a51b3a456800e3e47176569SHA256: 3307fb959efd235fcc14a7c1c69f8d12cda597b6c786f334b401d9cf09de545eReferenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 code-cleaners-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name code-cleaners High Vendor gradle artifactid code-cleaners Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid code-cleaners Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name code-cleaners High Product gradle artifactid code-cleaners Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title code-cleaners High Product pom artifactid code-cleaners Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
code-providers-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/code-providers/2.16/ac5c720e99a1cbc776d3a9cab921d2364146f707/code-providers-2.16.jarMD5: de8983f7b92bfc58455a629a400a572fSHA1: ac5c720e99a1cbc776d3a9cab921d2364146f707SHA256: cf55a05f1457a3c59f2ca9d92c289ff1d357ed763d9af0420000b306296b607bReferenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 code-providers-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name code-providers High Vendor gradle artifactid code-providers Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid code-providers Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name code-providers High Product gradle artifactid code-providers Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title code-providers High Product pom artifactid code-providers Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
collection-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/collection/1.37.0/105a82ba631a7f3545c003030fd957c75cc24e12/collection-1.37.0.jarMD5: 91bc5612b364903950b046d88cde1251SHA1: 105a82ba631a7f3545c003030fd957c75cc24e12SHA256: eb51e2a0f7070af2ef88888dae0728b0d373fc022f353bf7ae7db38d53cf3917Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath collection-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name collection High Vendor gradle artifactid collection Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name collection Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid collection Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Collections High Vendor pom parent-artifactid tinkar-core Low Product file name collection High Product gradle artifactid collection Highest Product jar package name collection Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid collection Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Collections High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
common-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/common/1.37.0/30e9b3e3efdeaf6bb8a02aa335e45c302df9004c/common-1.37.0.jarMD5: 52dba35749fcf13fd310b5142624a922SHA1: 30e9b3e3efdeaf6bb8a02aa335e45c302df9004cSHA256: 6136a28991972de14c3f61da89c8aba99dfc61af993241536d32b211ba0fa80fReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath common-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name common High Vendor gradle artifactid common Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name common Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid common Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Common High Vendor pom parent-artifactid tinkar-core Low Product file name common High Product gradle artifactid common Highest Product jar package name common Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid common Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Common High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
commons-codec-1.16.1.jarDescription:
The Apache Commons Codec component contains encoder and decoders for
various formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-codec/commons-codec/1.16.1/47bd4d333fba53406f6c6c51884ddbca435c8862/commons-codec-1.16.1.jar
MD5: 6c5be822d8d3fa61c3b54c4c8978dfdc
SHA1: 47bd4d333fba53406f6c6c51884ddbca435c8862
SHA256: ec87bfb55f22cbd1b21e2190eeda28b2b312ed2a431ee49fbdcc01812d04a5e4
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath commons-codec-1.16.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-codec High Vendor gradle artifactid commons-codec Highest Vendor gradle groupid commons-codec Highest Vendor jar package name apache Highest Vendor jar package name codec Highest Vendor jar package name commons Highest Vendor jar package name digest Highest Vendor jar package name encoder Highest Vendor Manifest automatic-module-name org.apache.commons.codec Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-codec Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jon@collab.net Low Vendor pom developer email julius@apache.org Low Vendor pom developer email mattsicker@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email tn@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id chtompki Medium Vendor pom developer id dgraham Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jon Medium Vendor pom developer id julius Medium Vendor pom developer id mattsicker Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name David Graham Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jon S. Stevens Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Matt Sicker Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim OBrien Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL http://juliusdavies.ca/ Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-codec/ Highest Product file name commons-codec High Product gradle artifactid commons-codec Highest Product jar package name apache Highest Product jar package name codec Highest Product jar package name commons Highest Product jar package name digest Highest Product jar package name encoder Highest Product Manifest automatic-module-name org.apache.commons.codec Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Product Manifest Bundle-Name Apache Commons Codec Medium Product Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Product Manifest Implementation-Title Apache Commons Codec High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Codec Medium Product pom artifactid commons-codec Highest Product pom developer email bayard@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory at apache.org Low Product pom developer email jon@collab.net Low Product pom developer email julius@apache.org Low Product pom developer email mattsicker@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email tn@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id bayard Low Product pom developer id chtompki Low Product pom developer id dgraham Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jon Low Product pom developer id julius Low Product pom developer id mattsicker Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Daniel Rall Low Product pom developer name David Graham Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jon S. Stevens Low Product pom developer name Julius Davies Low Product pom developer name Matt Sicker Low Product pom developer name Rob Tompkins Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim OBrien Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL http://juliusdavies.ca/ Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-codec Highest Product pom name Apache Commons Codec High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-codec/ Medium Version file version 1.16.1 High Version gradle version 1.16.1 Highest Version Manifest Bundle-Version 1.16.1 High Version Manifest Implementation-Version 1.16.1 High Version pom parent-version 1.16.1 Low Version pom version 1.16.1 Highest
commons-configuration-1.10.jarDescription:
Tools to assist in the reading of configuration/preferences files in various formats. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-configuration/commons-configuration/1.10/2b36e4adfb66d966c5aef2d73deb6be716389dc9/commons-configuration-1.10.jar
MD5: b16511ce540fefd53981245f5f21c5f8
SHA1: 2b36e4adfb66d966c5aef2d73deb6be716389dc9
SHA256: 95d4e6711e88ce78992c82c25bc03c8df9ecf5a357f0de0bec72a26db3399374
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath commons-configuration-1.10.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-configuration High Vendor gradle artifactid commons-configuration Highest Vendor gradle groupid commons-configuration Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name configuration Highest Vendor Manifest bundle-docurl http://commons.apache.org/configuration/ Low Vendor Manifest bundle-symbolicname org.apache.commons.configuration Medium Vendor Manifest implementation-build tags/CONFIGURATION_1_10RC2@r1535308; 2013-10-24 01:20:22-0700 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-configuration Low Vendor pom developer email bdunbar@dunbarconsulting.org Low Vendor pom developer email dion@multitask.com.au Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ebourg@apache.org Low Vendor pom developer email epugh@upstate.com Low Vendor pom developer email henning@schmiedehausen.org Low Vendor pom developer email jason@zenplex.com Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email mpoeschl@marmot.at Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email rgoers@apache.org Low Vendor pom developer id bdunbar Medium Vendor pom developer id dion Medium Vendor pom developer id dlr Medium Vendor pom developer id ebourg Medium Vendor pom developer id epugh Medium Vendor pom developer id henning Medium Vendor pom developer id joehni Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id mpoeschl Medium Vendor pom developer id oheger Medium Vendor pom developer id rgoers Medium Vendor pom developer name Brian E. Dunbar Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name Eric Pugh Medium Vendor pom developer name Henning P. Schmiedehausen Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jörg Schaible Medium Vendor pom developer name Martin Poeschl Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Ralph Goers Medium Vendor pom developer org Agfa HealthCare Medium Vendor pom developer org Ariane Software Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org dunbarconsulting.org Medium Vendor pom developer org Intuit Medium Vendor pom developer org Multitask Consulting Medium Vendor pom developer org tucana.at Medium Vendor pom developer org upstate.com Medium Vendor pom developer org Zenplex Medium Vendor pom groupid commons-configuration Highest Vendor pom name Apache Commons Configuration High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/configuration/ Highest Product file name commons-configuration High Product gradle artifactid commons-configuration Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name configuration Highest Product Manifest bundle-docurl http://commons.apache.org/configuration/ Low Product Manifest Bundle-Name Apache Commons Configuration Medium Product Manifest bundle-symbolicname org.apache.commons.configuration Medium Product Manifest implementation-build tags/CONFIGURATION_1_10RC2@r1535308; 2013-10-24 01:20:22-0700 Low Product Manifest Implementation-Title Apache Commons Configuration High Product Manifest specification-title Apache Commons Configuration Medium Product pom artifactid commons-configuration Highest Product pom developer email bdunbar@dunbarconsulting.org Low Product pom developer email dion@multitask.com.au Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ebourg@apache.org Low Product pom developer email epugh@upstate.com Low Product pom developer email henning@schmiedehausen.org Low Product pom developer email jason@zenplex.com Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email mpoeschl@marmot.at Low Product pom developer email oheger@apache.org Low Product pom developer email rgoers@apache.org Low Product pom developer id bdunbar Low Product pom developer id dion Low Product pom developer id dlr Low Product pom developer id ebourg Low Product pom developer id epugh Low Product pom developer id henning Low Product pom developer id joehni Low Product pom developer id jvanzyl Low Product pom developer id mpoeschl Low Product pom developer id oheger Low Product pom developer id rgoers Low Product pom developer name Brian E. Dunbar Low Product pom developer name Daniel Rall Low Product pom developer name dIon Gillard Low Product pom developer name Emmanuel Bourg Low Product pom developer name Eric Pugh Low Product pom developer name Henning P. Schmiedehausen Low Product pom developer name Jason van Zyl Low Product pom developer name Jörg Schaible Low Product pom developer name Martin Poeschl Low Product pom developer name Oliver Heger Low Product pom developer name Ralph Goers Low Product pom developer org Agfa HealthCare Low Product pom developer org Ariane Software Low Product pom developer org CollabNet, Inc. Low Product pom developer org dunbarconsulting.org Low Product pom developer org Intuit Low Product pom developer org Multitask Consulting Low Product pom developer org tucana.at Low Product pom developer org upstate.com Low Product pom developer org Zenplex Low Product pom groupid commons-configuration Highest Product pom name Apache Commons Configuration High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/configuration/ Medium Version file version 1.10 High Version gradle version 1.10 Highest Version Manifest Implementation-Version 1.10 High Version pom parent-version 1.10 Low Version pom version 1.10 Highest
CVE-2024-29131 (OSSINDEX) suppress
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.
Users are recommended to upgrade to version 2.10.1, which fixes the issue.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29131 for details CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:commons-configuration:commons-configuration:1.10:*:*:*:*:*:*:* CVE-2024-29133 (OSSINDEX) suppress
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.
Users are recommended to upgrade to version 2.10.1, which fixes the issue.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29133 for details CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: MEDIUM (4.400000095367432) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:commons-configuration:commons-configuration:1.10:*:*:*:*:*:*:* commons-fileupload-1.5.jarDescription:
The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
file upload functionality to servlets and web applications.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-fileupload/commons-fileupload/1.5/ad4ad2ab2961b4e1891472bd1a33fabefb0385f3/commons-fileupload-1.5.jar
MD5: e57ac8a1a6412886a133a2fa08b89735
SHA1: ad4ad2ab2961b4e1891472bd1a33fabefb0385f3
SHA256: 51f7b3dcb4e50c7662994da2f47231519ff99707a5c7fb7b05f4c4d3a1728c14
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath commons-fileupload-1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name commons-fileupload High Vendor gradle artifactid commons-fileupload Highest Vendor gradle groupid commons-fileupload Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name fileupload Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-fileupload/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-fileupload Medium Vendor Manifest implementation-build UNKNOWN@r${buildNumber}; 2023-02-01 12:39:33+0000 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-fileupload Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jason@zenplex.com Low Vendor pom developer email jmcnally@collab.net Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sean |at| seansullivan |dot| com Low Vendor pom developer email simonetripodi@apache.org Low Vendor pom developer id chtompki Medium Vendor pom developer id dion Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jmcnally Medium Vendor pom developer id jochen Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id martinc Medium Vendor pom developer id rdonkin Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id sullis Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name John McNally Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Sean C. Sullivan Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer org Adobe Medium Vendor pom developer org CollabNet Medium Vendor pom developer org Multitask Consulting Medium Vendor pom developer org Yahoo! Medium Vendor pom developer org Zenplex Medium Vendor pom groupid commons-fileupload Highest Vendor pom name Apache Commons FileUpload High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-fileupload/ Highest Product file name commons-fileupload High Product gradle artifactid commons-fileupload Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name fileupload Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-fileupload/ Low Product Manifest Bundle-Name Apache Commons FileUpload Medium Product Manifest bundle-symbolicname org.apache.commons.commons-fileupload Medium Product Manifest implementation-build UNKNOWN@r${buildNumber}; 2023-02-01 12:39:33+0000 Low Product Manifest Implementation-Title Apache Commons FileUpload High Product Manifest specification-title Apache Commons FileUpload Medium Product pom artifactid commons-fileupload Highest Product pom developer email chtompki@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jason@zenplex.com Low Product pom developer email jmcnally@collab.net Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email martinc@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sean |at| seansullivan |dot| com Low Product pom developer email simonetripodi@apache.org Low Product pom developer id chtompki Low Product pom developer id dion Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jmcnally Low Product pom developer id jochen Low Product pom developer id jvanzyl Low Product pom developer id martinc Low Product pom developer id rdonkin Low Product pom developer id simonetripodi Low Product pom developer id sullis Low Product pom developer name Daniel Rall Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Jason van Zyl Low Product pom developer name Jochen Wiedmann Low Product pom developer name John McNally Low Product pom developer name Martin Cooper Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Sean C. Sullivan Low Product pom developer name Simone Tripodi Low Product pom developer org Adobe Low Product pom developer org CollabNet Low Product pom developer org Multitask Consulting Low Product pom developer org Yahoo! Low Product pom developer org Zenplex Low Product pom groupid commons-fileupload Highest Product pom name Apache Commons FileUpload High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-fileupload/ Medium Version file version 1.5 High Version gradle version 1.5 Highest Version Manifest Implementation-Version 1.5 High Version pom parent-version 1.5 Low Version pom version 1.5 Highest
commons-io-2.11.0.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-io/commons-io/2.11.0/a2503f302b11ebde7ebc3df41daebe0e4eea3689/commons-io-2.11.0.jar
MD5: 3b4b7ccfaeceeac240b804839ee1a1ca
SHA1: a2503f302b11ebde7ebc3df41daebe0e4eea3689
SHA256: 961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath commons-io-2.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor gradle artifactid commons-io Highest Vendor gradle groupid commons-io Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product gradle artifactid commons-io Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.11.0 High Version gradle version 2.11.0 Highest Version Manifest Bundle-Version 2.11.0 High Version Manifest Implementation-Version 2.11.0 High Version pom parent-version 2.11.0 Low Version pom version 2.11.0 Highest
commons-io-2.14.0.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-io/commons-io/2.14.0/a4c6e1f6c196339473cd2e1b037f0eb97c62755b/commons-io-2.14.0.jar
MD5: 4259c0bc6078e53a09883b521c1d53af
SHA1: a4c6e1f6c196339473cd2e1b037f0eb97c62755b
SHA256: e35d1df7232568ed4b81d9a9ed94a0159b3ff6cf1915cc21eef5cb55d7b157a2
Referenced In Projects/Scopes: opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-classification-analyzer:compileClasspath commons-io-2.14.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.apache.tika/tika-core@2.9.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.apache.tika/tika-core@2.9.1 pkg:maven/org.apache.tika/tika-core@2.9.1 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.apache.tika/tika-core@2.9.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/org.apache.tika/tika-core@2.9.1 pkg:maven/org.apache.tika/tika-core@2.9.1 Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor gradle artifactid commons-io Highest Vendor gradle groupid commons-io Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product gradle artifactid commons-io Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.14.0 High Version gradle version 2.14.0 Highest Version Manifest Bundle-Version 2.14.0 High Version Manifest Implementation-Version 2.14.0 High Version pom parent-version 2.14.0 Low Version pom version 2.14.0 Highest
commons-jxpath-1.3.jarDescription:
A Java-based implementation of XPath 1.0 that, in addition to XML processing, can inspect/modify Java object graphs (the library's explicit purpose) and even mixed Java/XML structures. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-jxpath/commons-jxpath/1.3/c22d7d0f0f40eb7059a23cfa61773a416768b137/commons-jxpath-1.3.jar
MD5: 61a9aa8ff43ba10853571d57f724bf88
SHA1: c22d7d0f0f40eb7059a23cfa61773a416768b137
SHA256: fcbc0ad917d9d6a73c6df21fac322e00d213ef19cd94815a007c407a8a3ff449
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath commons-jxpath-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-jxpath High Vendor gradle artifactid commons-jxpath Highest Vendor gradle groupid commons-jxpath Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name jxpath Highest Vendor jar package name xml Highest Vendor Manifest bundle-docurl http://commons.apache.org/jxpath/ Low Vendor Manifest bundle-symbolicname org.apache.commons.jxpath Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-jxpath Low Vendor pom developer email Craig.McClanahan@eng.sun.com Low Vendor pom developer email dmitri@apache.org Low Vendor pom developer email mbenson@apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id dmitri Medium Vendor pom developer id mbenson Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dmitri Plotnikov Medium Vendor pom developer name Matt Benson Medium Vendor pom developer org Sun Microsystems Medium Vendor pom groupid commons-jxpath Highest Vendor pom name Commons JXPath High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/jxpath/ Highest Product file name commons-jxpath High Product gradle artifactid commons-jxpath Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name jxpath Highest Product jar package name xml Highest Product Manifest bundle-docurl http://commons.apache.org/jxpath/ Low Product Manifest Bundle-Name Commons JXPath Medium Product Manifest bundle-symbolicname org.apache.commons.jxpath Medium Product Manifest Implementation-Title Commons JXPath High Product Manifest specification-title Commons JXPath Medium Product pom artifactid commons-jxpath Highest Product pom developer email Craig.McClanahan@eng.sun.com Low Product pom developer email dmitri@apache.org Low Product pom developer email mbenson@apache.org Low Product pom developer id craigmcc Low Product pom developer id dmitri Low Product pom developer id mbenson Low Product pom developer name Craig McClanahan Low Product pom developer name Dmitri Plotnikov Low Product pom developer name Matt Benson Low Product pom developer org Sun Microsystems Low Product pom groupid commons-jxpath Highest Product pom name Commons JXPath High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/jxpath/ Medium Version file version 1.3 High Version gradle version 1.3 Highest Version Manifest Bundle-Version 1.3 High Version Manifest Implementation-Version 1.3 High Version pom parent-version 1.3 Low Version pom version 1.3 Highest
CVE-2022-41852 (OSSINDEX) suppress
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-41852 for details CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
CVSSv3:
Base Score: CRITICAL (9.800000190734863) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:commons-jxpath:commons-jxpath:1.3:*:*:*:*:*:*:* CVE-2022-40159 suppress
** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-40160 suppress
** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
commons-lang-2.6.jarDescription:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.6/ce1edb914c94ebc388f086c6827e8bdeec71ac2/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256: 50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath commons-lang-2.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-lang High Vendor gradle artifactid commons-lang Highest Vendor gradle groupid commons-lang Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang Highest Vendor Manifest bundle-docurl http://commons.apache.org/lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@seagullsw.com Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email phil@steitz.com Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org Seagull Software Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid commons-lang Highest Vendor pom name Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/lang/ Highest Product file name commons-lang High Product gradle artifactid commons-lang Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang Highest Product Manifest bundle-docurl http://commons.apache.org/lang/ Low Product Manifest Bundle-Name Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang Medium Product Manifest Implementation-Title Commons Lang High Product Manifest specification-title Commons Lang Medium Product pom artifactid commons-lang Highest Product pom developer email bayard@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@seagullsw.com Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email phil@steitz.com Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Daniel Rall Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org Seagull Software Low Product pom developer org SITA ATS Ltd Low Product pom groupid commons-lang Highest Product pom name Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/lang/ Medium Version file version 2.6 High Version gradle version 2.6 Highest Version Manifest Bundle-Version 2.6 High Version Manifest Implementation-Version 2.6 High Version pom parent-version 2.6 Low Version pom version 2.6 Highest
commons-lang3-3.13.0.jar commons-logging-1.2.jarDescription:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/commons-logging/commons-logging/1.2/4bfc12adfe4842bf07b657f0369c4cb522955686/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256: daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-config:runtimeClasspath opencdx-classification-analyzer:compileClasspath opencdx-config:productionRuntimeClasspath commons-logging-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor gradle artifactid commons-logging Highest Vendor gradle groupid commons-logging Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.logging Medium Vendor Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product gradle artifactid commons-logging Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.logging Medium Product Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Product Manifest Implementation-Title Apache Commons Logging High Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-logging/ Medium Version file version 1.2 High Version gradle version 1.2 Highest Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
commons-math-2.2.jarDescription:
The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-math/2.2/4877b85d388275f994a5cfc7eceb73a8045d3006/commons-math-2.2.jar
MD5: 4b65633769a2d3c532c86188648bb380
SHA1: 4877b85d388275f994a5cfc7eceb73a8045d3006
SHA256: 15993bb2a3cf50f3291b40fc980a3166a0984e7b5f1abbe5232151fd94954584
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath commons-math-2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name commons-math High Vendor gradle artifactid commons-math Highest Vendor gradle groupid org.apache.commons Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name math Highest Vendor Manifest bundle-docurl http://commons.apache.org/math/ Low Vendor Manifest bundle-symbolicname org.apache.commons.math Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-math Low Vendor pom developer email achou at apache dot org Low Vendor pom developer email billbarker at apache dot org Low Vendor pom developer email brentworden at apache dot org Low Vendor pom developer email dimpbx at apache dot org Low Vendor pom developer email erans at apache dot org Low Vendor pom developer email j3322ptm at yahoo dot de Low Vendor pom developer email luc at apache dot org Low Vendor pom developer email mdiggory at apache dot org Low Vendor pom developer email mikl at apache dot org Low Vendor pom developer email psteitz at apache dot org Low Vendor pom developer email rdonkin at apache dot org Low Vendor pom developer email tobrien at apache dot org Low Vendor pom developer id achou Medium Vendor pom developer id billbarker Medium Vendor pom developer id brentworden Medium Vendor pom developer id dimpbx Medium Vendor pom developer id erans Medium Vendor pom developer id luc Medium Vendor pom developer id mdiggory Medium Vendor pom developer id mikl Medium Vendor pom developer id pietsch Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id tobrien Medium Vendor pom developer name Albert Davidson Chou Medium Vendor pom developer name Bill Barker Medium Vendor pom developer name Brent Worden Medium Vendor pom developer name Dimitri Pourbaix Medium Vendor pom developer name Gilles Sadowski Medium Vendor pom developer name J. Pietschmann Medium Vendor pom developer name Luc Maisonobe Medium Vendor pom developer name Mark Diggory Medium Vendor pom developer name Mikkel Meyer Andersen Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Tim O'Brien Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Commons Math High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/math/ Highest Product file name commons-math High Product gradle artifactid commons-math Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name math Highest Product Manifest bundle-docurl http://commons.apache.org/math/ Low Product Manifest Bundle-Name Commons Math Medium Product Manifest bundle-symbolicname org.apache.commons.math Medium Product Manifest Implementation-Title Commons Math High Product Manifest specification-title Commons Math Medium Product pom artifactid commons-math Highest Product pom developer email achou at apache dot org Low Product pom developer email billbarker at apache dot org Low Product pom developer email brentworden at apache dot org Low Product pom developer email dimpbx at apache dot org Low Product pom developer email erans at apache dot org Low Product pom developer email j3322ptm at yahoo dot de Low Product pom developer email luc at apache dot org Low Product pom developer email mdiggory at apache dot org Low Product pom developer email mikl at apache dot org Low Product pom developer email psteitz at apache dot org Low Product pom developer email rdonkin at apache dot org Low Product pom developer email tobrien at apache dot org Low Product pom developer id achou Low Product pom developer id billbarker Low Product pom developer id brentworden Low Product pom developer id dimpbx Low Product pom developer id erans Low Product pom developer id luc Low Product pom developer id mdiggory Low Product pom developer id mikl Low Product pom developer id pietsch Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id tobrien Low Product pom developer name Albert Davidson Chou Low Product pom developer name Bill Barker Low Product pom developer name Brent Worden Low Product pom developer name Dimitri Pourbaix Low Product pom developer name Gilles Sadowski Low Product pom developer name J. Pietschmann Low Product pom developer name Luc Maisonobe Low Product pom developer name Mark Diggory Low Product pom developer name Mikkel Meyer Andersen Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Tim O'Brien Low Product pom groupid org.apache.commons Highest Product pom name Commons Math High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/math/ Medium Version file version 2.2 High Version gradle version 2.2 Highest Version Manifest Bundle-Version 2.2 High Version Manifest Implementation-Version 2.2 High Version pom parent-version 2.2 Low Version pom version 2.2 Highest
commons-text-1.10.0.jarDescription:
Apache Commons Text is a library focused on algorithms working on strings. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-text/1.10.0/3363381aef8cef2dbc1023b3e3a9433b08b64e01/commons-text-1.10.0.jar
MD5: 4afc9bfa2d31dbf7330c98fcc954b892
SHA1: 3363381aef8cef2dbc1023b3e3a9433b08b64e01
SHA256: 770cd903fa7b604d1f7ef7ba17f84108667294b2b478be8ed1af3bffb4ae0018
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-classification:runtimeClasspath opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-classification:productionRuntimeClasspath opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-classification:compileClasspath opencdx-helloworld:spotless1659553931 commons-text-1.10.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name commons-text High Vendor gradle artifactid commons-text Highest Vendor gradle groupid org.apache.commons Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name text Highest Vendor Manifest automatic-module-name org.apache.commons.text Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-text Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-text Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email kinow@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id ggregory Medium Vendor pom developer id kinow Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Bruno P. Kinoshita Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Text High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-text Highest Product file name commons-text High Product gradle artifactid commons-text Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name text Highest Product Manifest automatic-module-name org.apache.commons.text Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Product Manifest Bundle-Name Apache Commons Text Medium Product Manifest bundle-symbolicname org.apache.commons.commons-text Medium Product Manifest Implementation-Title Apache Commons Text High Product Manifest specification-title Apache Commons Text Medium Product pom artifactid commons-text Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email kinow@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id ggregory Low Product pom developer id kinow Low Product pom developer name Benedikt Ritter Low Product pom developer name Bruno P. Kinoshita Low Product pom developer name Duncan Jones Low Product pom developer name Gary Gregory Low Product pom developer name Rob Tompkins Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Text High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-text Medium Version file version 1.10.0 High Version gradle version 1.10.0 Highest Version Manifest Bundle-Version 1.10.0 High Version Manifest Implementation-Version 1.10.0 High Version pom parent-version 1.10.0 Low Version pom version 1.10.0 Highest
component-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/component/1.37.0/f2303ef7e0cd0da43852dcea8e4277fb3bdef80c/component-1.37.0.jarMD5: 676558e509b778cb0cd227ee00eb3fadSHA1: f2303ef7e0cd0da43852dcea8e4277fb3bdef80cSHA256: 1ecbdabe50b611f719f9d0cdacd9aa4b33861ce766f52e77e4dce3a860ea85abReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath component-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name component High Vendor gradle artifactid component Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name component Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid component Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Component High Vendor pom parent-artifactid tinkar-core Low Product file name component High Product gradle artifactid component Highest Product jar package name component Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid component Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Component High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
config-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/config/2.16/9cf70dc6b03a52e35a819fafa9de838a0bc4af2/config-2.16.jarMD5: 3619bfc4e8e69274eb2e899de37c7d42SHA1: 09cf70dc6b03a52e35a819fafa9de838a0bc4af2SHA256: 1cac68ecf53e5fac371d6723127a7fb003b4548aaf7931e815806087a3b66a59Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 config-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name config High Vendor gradle artifactid config Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name config Highest Vendor jar package name eu Highest Vendor jar package name github Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid config Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name config High Product gradle artifactid config Highest Product jar package name cleanthat Highest Product jar package name config Highest Product jar package name eu Highest Product jar package name github Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title config High Product pom artifactid config Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
context-propagation-1.1.1.jar coordinate-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/coordinate/1.37.0/b90de53a6bb4ff93df80ca21ff46d3af0e904172/coordinate-1.37.0.jarMD5: 568ae13adf4887ab4d144f5e07b65cd8SHA1: b90de53a6bb4ff93df80ca21ff46d3af0e904172SHA256: 9c0e2f8c83987b6706533da5c85012f87e69653bff8400f82bc6f3007dc35014Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath coordinate-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name coordinate High Vendor gradle artifactid coordinate Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name coordinate Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid coordinate Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Coordinate High Vendor pom parent-artifactid tinkar-core Low Product file name coordinate High Product gradle artifactid coordinate Highest Product jar package name coordinate Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid coordinate Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Coordinate High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
curvedLines.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/curvedLines.jsMD5: 55f8ee422555146c6fbe96f0f3952cbfSHA1: 72c6490a340cb8cdc718f2fd6d6f267a85457102SHA256: add85e8c610afd186e0d776ef75cce8139e5d286d88d79beb8de007b6f5a4e6eReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
customGraph.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/customGraph.jsMD5: df44a98b76d35f0ec95215ca4f391b1cSHA1: e3aaa84791b0d4e996ecf30914100c4fd4915a48SHA256: 5cfb5f38842bbdd6dc1a168bb2a93c3671a7649b39274c1f19c394c9fd7de8fbReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
dashboard-commons.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/dashboard-commons.jsMD5: 89de53667c1397f1e591038df07486e3SHA1: ea272c7468634e3bfc42e2c0329ab5b8762cac0dSHA256: d184668cec2021dd5f058c0d74f87cb0da2a5c104fe622cc909756a611e52cfbReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
dashboard.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/dashboard.jsMD5: 04368aad237591ac50cce25071e5da5dSHA1: fd42f59a2bffac9b90b085fe6fde093aa6748271SHA256: b7feed80ed3b968e0af6ff3e0b3f6d0d53bac1ef718203ccfd6524438ff9abf3Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
data-spinedarray-provider-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/data-spinedarray-provider/1.37.0/bc05959fa74a7f2f1951359ccb2f6efbe74dd60d/data-spinedarray-provider-1.37.0.jarMD5: a4a11739bcf622d5f5a20ccee5c81020SHA1: bc05959fa74a7f2f1951359ccb2f6efbe74dd60dSHA256: 448393def7df4c3ba45e51e4a425504f93fa7139bfe2f2776d908f70451a940cReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath data-spinedarray-provider-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name data-spinedarray-provider High Vendor gradle artifactid data-spinedarray-provider Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name provider Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid data-spinedarray-provider Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Provider Data - Spined array High Vendor pom parent-artifactid provider Low Product file name data-spinedarray-provider High Product gradle artifactid data-spinedarray-provider Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name provider Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid data-spinedarray-provider Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Provider Data - Spined array High Product pom parent-artifactid provider Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
dto-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/dto/1.37.0/345b7c027d2fd31e2fa4013ab74b9b01fa501b61/dto-1.37.0.jarMD5: cf2f3c9c93f0d3f15cae1be3914bf5d9SHA1: 345b7c027d2fd31e2fa4013ab74b9b01fa501b61SHA256: 4a40b607cce72256dba950e8046dfd5bfd0bd412ce02122d551f28d518df2f37Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath dto-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name dto High Vendor gradle artifactid dto Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name dto Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid dto Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Data Transfer Objects High Vendor pom parent-artifactid tinkar-core Low Product file name dto High Product gradle artifactid dto Highest Product jar package name dev Highest Product jar package name dto Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid dto Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Data Transfer Objects High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
eclipse-collections-11.1.0-r7.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/eclipse-collections/11.1.0-r7/eclipse-collections-11.1.0-r7.jarMD5: f4afeb01990f14c032bbcb4433cc9578SHA1: 7d43fafeaffb994a89c221a37e075532c4a288e2SHA256: d2fae31f8d6c6f24ee77aa8ca172d8124033b9904991b47ded2a6fdb7f07c698Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath eclipse-collections-11.1.0-r7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name eclipse-collections High Vendor gradle artifactid eclipse-collections Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name collections Highest Vendor jar package name eclipse Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid eclipse-collections Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom groupid org.eclipse.collections Highest Vendor pom name Eclipse collections High Vendor pom name Eclipse Collections Main Library High Vendor pom parent-artifactid eclipse-collections-parent Low Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name eclipse-collections High Product gradle artifactid eclipse-collections Highest Product jar package name collections Highest Product jar package name eclipse Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid eclipse-collections Highest Product pom groupid dev.ikm.jpms Highest Product pom groupid org.eclipse.collections Highest Product pom name Eclipse collections High Product pom name Eclipse Collections Main Library High Product pom parent-artifactid eclipse-collections-parent Medium Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
eclipse-collections-api-11.1.0-r7.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/eclipse-collections-api/11.1.0-r7/eclipse-collections-api-11.1.0-r7.jarMD5: cc50db5d7ad4b7bb1369736629e4bf34SHA1: 4eb8cbe9db8a6c0efdbc1061a277d5de5f26a1f7SHA256: ddab7ba8c815ec5c44c918159e25d461210ea19cf8245d2cf2e64b1ba7b555ebReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath eclipse-collections-api-11.1.0-r7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name eclipse-collections-api High Vendor gradle artifactid eclipse-collections-api Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name api Highest Vendor jar package name collections Highest Vendor jar package name eclipse Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid eclipse-collections-api Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom groupid org.eclipse.collections Highest Vendor pom name Eclipse collections API High Vendor pom parent-artifactid eclipse-collections-parent Low Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name eclipse-collections-api High Product gradle artifactid eclipse-collections-api Highest Product jar package name api Highest Product jar package name collections Highest Product jar package name eclipse Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid eclipse-collections-api Highest Product pom groupid dev.ikm.jpms Highest Product pom groupid org.eclipse.collections Highest Product pom name Eclipse collections API High Product pom parent-artifactid eclipse-collections-parent Medium Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
eddsa-0.3.0.jarDescription:
Implementation of EdDSA in Java License:
CC0 1.0 Universal: https://creativecommons.org/publicdomain/zero/1.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/net.i2p.crypto/eddsa/0.3.0/1901c8d4d8bffb7d79027686cfb91e704217c3e1/eddsa-0.3.0.jar
MD5: ee7de3b6f19de76a06e465efc978f669
SHA1: 1901c8d4d8bffb7d79027686cfb91e704217c3e1
SHA256: 4dda1120db856640dbec04140ed23242215a075fe127bdefa0dcfa29fb31267d
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath eddsa-0.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name eddsa High Vendor gradle artifactid eddsa Highest Vendor gradle groupid net.i2p.crypto Highest Vendor jar package name crypto Highest Vendor jar package name eddsa Highest Vendor jar package name i2p Highest Vendor jar package name net Highest Vendor Manifest automatic-module-name net.i2p.crypto.eddsa Medium Vendor Manifest bundle-symbolicname net.i2p.crypto.eddsa Medium Vendor pom artifactid eddsa Low Vendor pom developer email str4d@i2pmail.org Low Vendor pom developer id str4d Medium Vendor pom developer name str4d Medium Vendor pom groupid net.i2p.crypto Highest Vendor pom name EdDSA-Java High Vendor pom url str4d/ed25519-java Highest Product file name eddsa High Product gradle artifactid eddsa Highest Product jar package name crypto Highest Product jar package name eddsa Highest Product jar package name i2p Highest Product jar package name net Highest Product Manifest automatic-module-name net.i2p.crypto.eddsa Medium Product Manifest Bundle-Name EdDSA-Java Medium Product Manifest bundle-symbolicname net.i2p.crypto.eddsa Medium Product pom artifactid eddsa Highest Product pom developer email str4d@i2pmail.org Low Product pom developer id str4d Low Product pom developer name str4d Low Product pom groupid net.i2p.crypto Highest Product pom name EdDSA-Java High Product pom url str4d/ed25519-java High Version file version 0.3.0 High Version gradle version 0.3.0 Highest Version Manifest Bundle-Version 0.3.0 High Version pom version 0.3.0 Highest
entity-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/entity/1.37.0/26de391a0d2a3718cc57b302ec4f97cafd8885ef/entity-1.37.0.jarMD5: 5613d350d00da16d7f4c0b803a338dc2SHA1: 26de391a0d2a3718cc57b302ec4f97cafd8885efSHA256: 51a76c9b1803dbbfca878f1bd73a87f2cace3d001d32af05d5aa6e10c04ad7f6Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath entity-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name entity High Vendor gradle artifactid entity Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name entity Highest Vendor jar package name ikm Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid entity Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Entity High Vendor pom parent-artifactid tinkar-core Low Product file name entity High Product gradle artifactid entity Highest Product jar package name dev Highest Product jar package name entity Highest Product jar package name ikm Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid entity Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Entity High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
entity-provider-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/entity-provider/1.37.0/498cc0b567fdd83e7eae2a51588f3f65934adf51/entity-provider-1.37.0.jarMD5: 168425479fdf20912aeb84fac1bc7c93SHA1: 498cc0b567fdd83e7eae2a51588f3f65934adf51SHA256: 144ee40d4de00e403995524dcce41b4d5752b0bc2012ac6bc1ca4f31cc64b909Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath entity-provider-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name entity-provider High Vendor gradle artifactid entity-provider Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name provider Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid entity-provider Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Provider Entity provider High Vendor pom parent-artifactid provider Low Product file name entity-provider High Product gradle artifactid entity-provider Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name provider Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid entity-provider Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Provider Entity provider High Product pom parent-artifactid provider Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
error_prone_annotations-2.11.0.jarLicense:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.errorprone/error_prone_annotations/2.11.0/c5a0ace696d3f8b1c1d8cc036d8c03cc0cbe6b69/error_prone_annotations-2.11.0.jar
MD5: 656ad66261b7e7ea472ed0ffeea773ea
SHA1: c5a0ace696d3f8b1c1d8cc036d8c03cc0cbe6b69
SHA256: 721cb91842b46fa056847d104d5225c8b8e1e8b62263b993051e1e5a0137b7ec
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 error_prone_annotations-2.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor gradle artifactid error_prone_annotations Highest Vendor gradle groupid com.google.errorprone Highest Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.errorprone.annotations Medium Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product gradle artifactid error_prone_annotations Highest Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.errorprone.annotations Medium Product Manifest build-jdk-spec 11 Low Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.11.0 High Version gradle version 2.11.0 Highest Version pom version 2.11.0 Highest
error_prone_annotations-2.18.0.jar error_prone_annotations-2.21.1.jarDescription:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.errorprone/error_prone_annotations/2.21.1/6d9b10773b5237df178a7b3c1b4208df7d0e7f94/error_prone_annotations-2.21.1.jar
MD5: 75fe4fe33d308dd6cee3b601de902d27
SHA1: 6d9b10773b5237df178a7b3c1b4208df7d0e7f94
SHA256: d1f3c66aa91ac52549e00ae3b208ba4b9af7d72d68f230643553beb38e6118ac
Referenced In Projects/Scopes: opencdx-questionnaire:spotless865458226 opencdx-commons:spotless865458226 opencdx-proto:spotless865458226 opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:spotless865458226 opencdx-tinkar:runtimeClasspath opencdx-gateway:spotless865458226 opencdx-config:spotless865458226 opencdx-health:spotless865458226 opencdx-classification:spotless865458226 opencdx-communications:spotless865458226 opencdx-discovery:spotless865458226 OpenCDX:spotless865458226 opencdx-admin:spotless865458226 opencdx-helloworld:spotless865458226 opencdx-iam:spotless865458226 opencdx-tinkar:compileClasspath opencdx-media:spotless865458226 opencdx-client:spotless865458226 opencdx-audit:spotless865458226 opencdx-classification-analyzer:spotless865458226 opencdx-logistics:spotless865458226 error_prone_annotations-2.21.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.guava/guava@32.1.3-jre pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor gradle artifactid error_prone_annotations Highest Vendor gradle groupid com.google.errorprone Highest Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.errorprone.annotations Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Vendor Manifest bundle-symbolicname com.google.errorprone.annotations Medium Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product gradle artifactid error_prone_annotations Highest Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.errorprone.annotations Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Product Manifest Bundle-Name error-prone annotations Medium Product Manifest bundle-symbolicname com.google.errorprone.annotations Medium Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.21.1 High Version gradle version 2.21.1 Highest Version Manifest Bundle-Version 2.21.1 High Version pom version 2.21.1 Highest
eureka-client-2.0.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.eureka/eureka-client/2.0.1/4f81f1bc22afc1390febbda4a711b35dd4327e68/eureka-client-2.0.1.jarMD5: 400e7df251465855d183bfb1cb44552dSHA1: 4f81f1bc22afc1390febbda4a711b35dd4327e68SHA256: b566ce876648859df6c09059d865c9ad4e670ef1f098480f2163f3b692f0ed72Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath eureka-client-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name eureka-client High Vendor gradle artifactid eureka-client Highest Vendor gradle groupid com.netflix.eureka Highest Vendor jar package name discovery Low Vendor jar package name netflix Low Vendor Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest build-date 2023-06-21_22:29:39 Low Vendor Manifest build-date-utc 2023-06-21T22:29:39.269035Z Low Vendor Manifest build-host https://github.com Low Vendor Manifest build-job __run_2 Low Vendor Manifest build-number 12 Low Vendor Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 40a91d5 Low Vendor Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest module-email netflixoss@netflix.com Low Vendor Manifest module-origin https://github.com/Netflix/eureka Low Vendor Manifest module-owner netflixoss@netflix.com Low Vendor Manifest module-source /eureka-client Low Product file name eureka-client High Product gradle artifactid eureka-client Highest Product jar package name discovery Low Product jar package name netflix Highest Product Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest build-date 2023-06-21_22:29:39 Low Product Manifest build-date-utc 2023-06-21T22:29:39.269035Z Low Product Manifest build-host https://github.com Low Product Manifest build-job __run_2 Low Product Manifest build-number 12 Low Product Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 40a91d5 Low Product Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest Implementation-Title com.netflix.eureka#eureka-client;2.0.1 High Product Manifest module-email netflixoss@netflix.com Low Product Manifest module-origin https://github.com/Netflix/eureka Low Product Manifest module-owner netflixoss@netflix.com Low Product Manifest module-source /eureka-client Low Version file version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High
eureka-client-jersey3-2.0.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.eureka/eureka-client-jersey3/2.0.1/cf843dc8d721738d4e0d0d410967381ac0e07c20/eureka-client-jersey3-2.0.1.jarMD5: 345d32e391e2ae4e0d921d2b789b92baSHA1: cf843dc8d721738d4e0d0d410967381ac0e07c20SHA256: f724adbb964ffdeb9c2c4ad9cf7b23bd9fa0f6b013d98a9d4ac48d647ba26a42Referenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath eureka-client-jersey3-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name eureka-client-jersey3 High Vendor gradle artifactid eureka-client-jersey3 Highest Vendor gradle groupid com.netflix.eureka Highest Vendor jar package name discovery Low Vendor jar package name netflix Low Vendor jar package name shared Low Vendor Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest build-date 2023-06-21_22:29:39 Low Vendor Manifest build-date-utc 2023-06-21T22:29:39.801148Z Low Vendor Manifest build-host https://github.com Low Vendor Manifest build-job __run_2 Low Vendor Manifest build-number 12 Low Vendor Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 40a91d5 Low Vendor Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest module-email netflixoss@netflix.com Low Vendor Manifest module-origin https://github.com/Netflix/eureka Low Vendor Manifest module-owner netflixoss@netflix.com Low Vendor Manifest module-source /eureka-client-jersey3 Low Product file name eureka-client-jersey3 High Product gradle artifactid eureka-client-jersey3 Highest Product jar package name discovery Low Product jar package name netflix Highest Product jar package name shared Low Product jar package name transport Low Product Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest build-date 2023-06-21_22:29:39 Low Product Manifest build-date-utc 2023-06-21T22:29:39.801148Z Low Product Manifest build-host https://github.com Low Product Manifest build-job __run_2 Low Product Manifest build-number 12 Low Product Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 40a91d5 Low Product Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest Implementation-Title com.netflix.eureka#eureka-client-jersey3;2.0.1 High Product Manifest module-email netflixoss@netflix.com Low Product Manifest module-origin https://github.com/Netflix/eureka Low Product Manifest module-owner netflixoss@netflix.com Low Product Manifest module-source /eureka-client-jersey3 Low Version file version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High
eureka-core-2.0.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.eureka/eureka-core/2.0.1/c6b08ac4e05fd56a93823c53cb4f7052631135cb/eureka-core-2.0.1.jarMD5: ffc706635794bc9b253a1faa61e02589SHA1: c6b08ac4e05fd56a93823c53cb4f7052631135cbSHA256: 93a0ef18b41162118e0819cdee9bd8025ca81d08220ed6677e868d6c99b063e2Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath eureka-core-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name eureka-core High Vendor gradle artifactid eureka-core Highest Vendor gradle groupid com.netflix.eureka Highest Vendor jar package name eureka Low Vendor jar package name netflix Low Vendor Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest build-date 2023-06-21_22:29:39 Low Vendor Manifest build-date-utc 2023-06-21T22:29:39.875161Z Low Vendor Manifest build-host https://github.com Low Vendor Manifest build-job __run_2 Low Vendor Manifest build-number 12 Low Vendor Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 40a91d5 Low Vendor Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest module-email netflixoss@netflix.com Low Vendor Manifest module-origin https://github.com/Netflix/eureka Low Vendor Manifest module-owner netflixoss@netflix.com Low Vendor Manifest module-source /eureka-core Low Product file name eureka-core High Product gradle artifactid eureka-core Highest Product jar package name eureka Highest Product jar package name eureka Low Product jar package name netflix Highest Product Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest build-date 2023-06-21_22:29:39 Low Product Manifest build-date-utc 2023-06-21T22:29:39.875161Z Low Product Manifest build-host https://github.com Low Product Manifest build-job __run_2 Low Product Manifest build-number 12 Low Product Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 40a91d5 Low Product Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest Implementation-Title com.netflix.eureka#eureka-core;2.0.1 High Product Manifest module-email netflixoss@netflix.com Low Product Manifest module-origin https://github.com/Netflix/eureka Low Product Manifest module-owner netflixoss@netflix.com Low Product Manifest module-source /eureka-core Low Version file version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High
eureka-core-jersey3-2.0.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.eureka/eureka-core-jersey3/2.0.1/8617457a92728e11238a2487dd375fc871aed9c/eureka-core-jersey3-2.0.1.jarMD5: e42fbc169b4bad3877318937f4ca1d4aSHA1: 08617457a92728e11238a2487dd375fc871aed9cSHA256: 3e4f9588adc352faf00fa4bc5920836d573406db7fc1b41ebced0963eae175fcReferenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath eureka-core-jersey3-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name eureka-core-jersey3 High Vendor gradle artifactid eureka-core-jersey3 Highest Vendor gradle groupid com.netflix.eureka Highest Vendor jar package name eureka Low Vendor jar package name netflix Low Vendor jar package name transport Low Vendor Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest build-date 2023-06-21_22:29:39 Low Vendor Manifest build-date-utc 2023-06-21T22:29:39.943616Z Low Vendor Manifest build-host https://github.com Low Vendor Manifest build-job __run_2 Low Vendor Manifest build-number 12 Low Vendor Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 40a91d5 Low Vendor Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Vendor Manifest module-email netflixoss@netflix.com Low Vendor Manifest module-origin https://github.com/Netflix/eureka Low Vendor Manifest module-owner netflixoss@netflix.com Low Vendor Manifest module-source /eureka-core-jersey3 Low Product file name eureka-core-jersey3 High Product gradle artifactid eureka-core-jersey3 Highest Product jar package name eureka Highest Product jar package name eureka Low Product jar package name netflix Highest Product jar package name transport Low Product Manifest branch 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest build-date 2023-06-21_22:29:39 Low Product Manifest build-date-utc 2023-06-21T22:29:39.943616Z Low Product Manifest build-host https://github.com Low Product Manifest build-job __run_2 Low Product Manifest build-number 12 Low Product Manifest build-time-iso-8601 2023-06-21T22:29:39+0000 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://github.com/Netflix/eureka/actions/runs/5339536139 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 40a91d5 Low Product Manifest full-change 40a91d5fcba331d56ee9e98f115b447e90ca9629 Low Product Manifest Implementation-Title com.netflix.eureka#eureka-core-jersey3;2.0.1 High Product Manifest module-email netflixoss@netflix.com Low Product Manifest module-origin https://github.com/Netflix/eureka Low Product Manifest module-owner netflixoss@netflix.com Low Product Manifest module-source /eureka-core-jersey3 Low Version file version 2.0.1 High Version Manifest Implementation-Version 2.0.1 High
evictor-1.0.0.jarDescription:
A concurrent map with timed element eviction License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.stoyanr/evictor/1.0.0/d4615a8516dc28cb958e723f1a0902faa8732217/evictor-1.0.0.jar
MD5: 0150953ed0b97edcdf8a626e67013b95
SHA1: d4615a8516dc28cb958e723f1a0902faa8732217
SHA256: 1fd9d733b0381178dc0ce69fbc720a50eb3185906c7b4db345025dd6b666d99a
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath evictor-1.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name evictor High Vendor gradle artifactid evictor Highest Vendor gradle groupid com.stoyanr Highest Vendor jar package name evictor Highest Vendor jar package name evictor Low Vendor jar package name map Highest Vendor jar package name stoyanr Highest Vendor jar package name stoyanr Low Vendor pom artifactid evictor Low Vendor pom developer email sandy.pec@gmail.com Low Vendor pom developer email stoyanr@gmail.com Low Vendor pom developer id sangupta Medium Vendor pom developer id stoyanr Medium Vendor pom developer name Sandeep Gupta Medium Vendor pom developer name Stoyan Rachev Medium Vendor pom groupid com.stoyanr Highest Vendor pom name Evictor High Vendor pom url stoyanr/Evictor Highest Product file name evictor High Product gradle artifactid evictor Highest Product jar package name evictor Highest Product jar package name evictor Low Product jar package name map Highest Product jar package name stoyanr Highest Product pom artifactid evictor Highest Product pom developer email sandy.pec@gmail.com Low Product pom developer email stoyanr@gmail.com Low Product pom developer id sangupta Low Product pom developer id stoyanr Low Product pom developer name Sandeep Gupta Low Product pom developer name Stoyan Rachev Low Product pom groupid com.stoyanr Highest Product pom name Evictor High Product pom url stoyanr/Evictor High Version file version 1.0.0 High Version gradle version 1.0.0 Highest Version pom version 1.0.0 Highest
evrete-core-3.1.01.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.evrete/evrete-core/3.1.01/5513a827cfb790baa26c1ffcfc14f372d862c56/evrete-core-3.1.01.jarMD5: be962607f274b9cbadb87afcc3a6ac59SHA1: 05513a827cfb790baa26c1ffcfc14f372d862c56SHA256: 6e2a87a6670ac9a7c1a5e22060676e13423c859a4b1e8392b5400f6f3a8f0d82Referenced In Projects/Scopes:
opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-classification-analyzer:compileClasspath evrete-core-3.1.01.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 pkg:maven/org.evrete/evrete-dsl-java@3.1.01 Evidence Type Source Name Value Confidence Vendor file name evrete-core High Vendor gradle artifactid evrete-core Highest Vendor gradle groupid org.evrete Highest Vendor jar package name evrete Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest implementation-url https://www.evrete.org Low Vendor pom artifactid evrete-core Low Vendor pom groupid org.evrete Highest Vendor pom name evrete-core High Vendor pom parent-artifactid evrete Low Product file name evrete-core High Product gradle artifactid evrete-core Highest Product jar package name evrete Highest Product jar package name rule Highest Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title Java Rule Engine High Product Manifest implementation-url https://www.evrete.org Low Product pom artifactid evrete-core Highest Product pom groupid org.evrete Highest Product pom name evrete-core High Product pom parent-artifactid evrete Medium Version file version 3.1.01 High Version gradle version 3.1.01 Highest Version Manifest Implementation-Version 3.1.01 High Version pom version 3.1.01 Highest
evrete-dsl-java-3.1.01.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.evrete/evrete-dsl-java/3.1.01/9b32a2019856b473f72fef8c594422bbf49b4f26/evrete-dsl-java-3.1.01.jarMD5: f66b24f646850f310f9b8272a8c11ec3SHA1: 9b32a2019856b473f72fef8c594422bbf49b4f26SHA256: 9e577c794c00a77750008a16c400e1182187518cbf00d1fb0e5bc371ffafeb88Referenced In Projects/Scopes:
opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-classification-analyzer:compileClasspath evrete-dsl-java-3.1.01.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name evrete-dsl-java High Vendor gradle artifactid evrete-dsl-java Highest Vendor gradle groupid org.evrete Highest Vendor jar package name dsl Highest Vendor jar package name evrete Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest implementation-url https://www.evrete.org Low Vendor pom artifactid evrete-dsl-java Low Vendor pom groupid org.evrete Highest Vendor pom name evrete-dsl-java High Vendor pom parent-artifactid evrete Low Product file name evrete-dsl-java High Product gradle artifactid evrete-dsl-java Highest Product jar package name dsl Highest Product jar package name evrete Highest Product jar package name rule Highest Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title Java Rule Engine High Product Manifest implementation-url https://www.evrete.org Low Product pom artifactid evrete-dsl-java Highest Product pom groupid org.evrete Highest Product pom name evrete-dsl-java High Product pom parent-artifactid evrete Medium Version file version 3.1.01 High Version gradle version 3.1.01 Highest Version Manifest Implementation-Version 3.1.01 High Version pom version 3.1.01 Highest
excanvas.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/excanvas.jsMD5: e5b3968f64661f1893cf740191e959c5SHA1: 128d91aa0bf31033d5439176b6be09541f9969feSHA256: 3873d80b8d93f9422d55a10ca9b72411de65f53d9705d902025453898b549180Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
excanvas.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot.tooltip/js/excanvas.min.jsMD5: 3682670784157eca627a91ae04f925b8SHA1: 367b6955bcaabc71381ee3c8436db71413894257SHA256: f98cb332c803a746862b762c94e95379b2407d1a87af8c69299590a4e9473781Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
excanvas.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/excanvas.min.jsMD5: ee9e3fee14270b7b27fcaa0e2cf2e042SHA1: ae4ce1a2bfb06c82653633191b04a8969a946b6bSHA256: 6201dbbd9beb94d8a241a0debf2cc2e6efc07ec69f4d1f116984e21b459ee569Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
executor-provider-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/executor-provider/1.37.0/e8255b2343387129c055a8189de9c24830f1bc8/executor-provider-1.37.0.jarMD5: 577d2967b76e63d899f47745d794eab8SHA1: 0e8255b2343387129c055a8189de9c24830f1bc8SHA256: aff809208a587f718914d5fe1ba6631f3765235baff0ecdaaee5cc4eca6c2d6eReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath executor-provider-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name executor-provider High Vendor gradle artifactid executor-provider Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name provider Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid executor-provider Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Provider Executor provider High Vendor pom parent-artifactid provider Low Product file name executor-provider High Product gradle artifactid executor-provider Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name provider Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid executor-provider Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Provider Executor provider High Product pom parent-artifactid provider Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
failureaccess-1.0.1.jar fastdoubleparser-0.3.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ch.randelshofer/fastdoubleparser/0.3.0/b3d5f91d5739f755b44a6fd2b6bbb826202f56c1/fastdoubleparser-0.3.0.jarMD5: 195a2b3a4e286300076094b7dde5997fSHA1: b3d5f91d5739f755b44a6fd2b6bbb826202f56c1SHA256: 8bc7364b3079b14b846fa463b72500af153e5551bfef678ec612ba93d3bb1737Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 fastdoubleparser-0.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name fastdoubleparser High Vendor gradle artifactid fastdoubleparser Highest Vendor gradle groupid ch.randelshofer Highest Vendor jar package name ch Highest Vendor jar package name ch Low Vendor jar package name fastdoubleparser Highest Vendor jar package name fastdoubleparser Low Vendor jar package name randelshofer Highest Vendor jar package name randelshofer Low Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name fastdoubleparser Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest Implementation-Vendor ch.randelshofer High Vendor Manifest permissions sandboxed Low Vendor Manifest specification-vendor ch.randelshofer Low Vendor Manifest trusted-library false Low Vendor Manifest trusted-only false Low Product file name fastdoubleparser High Product gradle artifactid fastdoubleparser Highest Product jar package name fastdoubleparser Highest Product jar package name fastdoubleparser Low Product jar package name randelshofer Low Product Manifest application-library-allowable-codebase * Low Product Manifest application-name fastdoubleparser Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest Implementation-Title fastdoubleparser High Product Manifest permissions sandboxed Low Product Manifest specification-title fastdoubleparser Medium Product Manifest trusted-library false Low Product Manifest trusted-only false Low Version file name fastdoubleparser Medium Version file version 0.3.0 High Version gradle version 0.3.0 Highest Version Manifest Implementation-Version 0.3.0_2021-04-10_e3b3371 High Version Manifest signature-version 1.0 Medium
feign-core-13.1.jarDescription:
Feign Core License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-core/13.1/3202d25687f1b4d51e4c1aec291e54e385683751/feign-core-13.1.jar
MD5: 75b185f53ea93538725f45a84de34171
SHA1: 3202d25687f1b4d51e4c1aec291e54e385683751
SHA256: f6a82304b92a6e79bda11c89bcf83b72949a02337070d315902e6438201dce3b
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath feign-core-13.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-hc5@13.2.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/io.github.openfeign/feign-hc5@13.2.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-hc5@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-core High Vendor gradle artifactid feign-core Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-core Medium Vendor pom artifactid feign-core Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign Core High Vendor pom parent-artifactid parent Low Product file name feign-core High Product gradle artifactid feign-core Highest Product jar package name feign Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign Core Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-core Medium Product pom artifactid feign-core Highest Product pom groupid io.github.openfeign Highest Product pom name Feign Core High Product pom parent-artifactid parent Medium Version file version 13.1 High Version gradle version 13.1 Highest Version pom version 13.1 Highest
feign-form-3.8.0.jarDescription:
Simple encoder for Netflix Feign project, which adds forms support (urlencoded and multipart) License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign.form/feign-form/3.8.0/3083889996b18443c275a352d3ab4bc6c8321598/feign-form-3.8.0.jar
MD5: ab48cdaa9aecefe5e938873ba2db3bb0
SHA1: 3083889996b18443c275a352d3ab4bc6c8321598
SHA256: b21d37321b390995c90b5dbb4ff0c33f09d1cc7768207cc0da910ad20bf58961
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath feign-form-3.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-form High Vendor gradle artifactid feign-form Highest Vendor gradle groupid io.github.openfeign.form Highest Vendor jar package name feign Highest Vendor jar package name form Highest Vendor Manifest bundle-symbolicname io.github.openfeign.form.feign-form Medium Vendor pom artifactid feign-form Low Vendor pom groupid io.github.openfeign.form Highest Vendor pom name Open Feign Forms Core High Vendor pom parent-artifactid parent Low Product file name feign-form High Product gradle artifactid feign-form Highest Product jar package name feign Highest Product jar package name form Highest Product jar package name multipart Highest Product Manifest Bundle-Name Open Feign Forms Core Medium Product Manifest bundle-symbolicname io.github.openfeign.form.feign-form Medium Product pom artifactid feign-form Highest Product pom groupid io.github.openfeign.form Highest Product pom name Open Feign Forms Core High Product pom parent-artifactid parent Medium Version file version 3.8.0 High Version gradle version 3.8.0 Highest Version Manifest Bundle-Version 3.8.0 High Version pom version 3.8.0 Highest
feign-form-spring-3.8.0.jarDescription:
Simple encoder for Netflix Feign project, which adds forms support (urlencoded and multipart) License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign.form/feign-form-spring/3.8.0/71059f6e16ddbaf0e42f1b1aa0bb60cc2f823e4d/feign-form-spring-3.8.0.jar
MD5: 2c7321712d66562130f999b27334a4f6
SHA1: 71059f6e16ddbaf0e42f1b1aa0bb60cc2f823e4d
SHA256: 382fa8a69afea41653c6b1077773c5e80802d7617cd5ee31b93ef15166dc8e46
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath feign-form-spring-3.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-form-spring High Vendor gradle artifactid feign-form-spring Highest Vendor gradle groupid io.github.openfeign.form Highest Vendor jar package name feign Highest Vendor jar package name form Highest Vendor jar package name spring Highest Vendor Manifest bundle-symbolicname io.github.openfeign.form.feign-form-spring Medium Vendor pom artifactid feign-form-spring Low Vendor pom groupid io.github.openfeign.form Highest Vendor pom name Open Feign Forms Extension for Spring High Vendor pom parent-artifactid parent Low Product file name feign-form-spring High Product gradle artifactid feign-form-spring Highest Product jar package name feign Highest Product jar package name form Highest Product jar package name spring Highest Product Manifest Bundle-Name Open Feign Forms Extension for Spring Medium Product Manifest bundle-symbolicname io.github.openfeign.form.feign-form-spring Medium Product pom artifactid feign-form-spring Highest Product pom groupid io.github.openfeign.form Highest Product pom name Open Feign Forms Extension for Spring High Product pom parent-artifactid parent Medium Version file version 3.8.0 High Version gradle version 3.8.0 Highest Version Manifest Bundle-Version 3.8.0 High Version pom version 3.8.0 Highest
feign-hc5-13.1.jarDescription:
Feign Apache HttpComponents Client 5 License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-hc5/13.1/7f15d0d796044583c5443dce5a353fdf27e43cfb/feign-hc5-13.1.jar
MD5: 80b04c6593d821b3d54b52153f770809
SHA1: 7f15d0d796044583c5443dce5a353fdf27e43cfb
SHA256: fb9b2810240e21eb4c57a498d60d8e816b18ad1fe493eac5bc1615b37164bb56
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath feign-hc5-13.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-hc5 High Vendor gradle artifactid feign-hc5 Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor jar package name hc5 Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-hc5 Medium Vendor pom artifactid feign-hc5 Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign Apache HttpComponents Client 5 High Vendor pom parent-artifactid parent Low Product file name feign-hc5 High Product gradle artifactid feign-hc5 Highest Product jar package name feign Highest Product jar package name hc5 Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign Apache HttpComponents Client 5 Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-hc5 Medium Product pom artifactid feign-hc5 Highest Product pom groupid io.github.openfeign Highest Product pom name Feign Apache HttpComponents Client 5 High Product pom parent-artifactid parent Medium Version file version 13.1 High Version gradle version 13.1 Highest Version pom version 13.1 Highest
feign-hc5-13.2.1.jarDescription:
Feign Apache HttpComponents Client 5 License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-hc5/13.2.1/557faa06f78c9ff1243577bec801c243c16b7a0c/feign-hc5-13.2.1.jar
MD5: 7b8d45322ec6a70d0b91b34165a2ac50
SHA1: 557faa06f78c9ff1243577bec801c243c16b7a0c
SHA256: 49f55277d83de7e61fcf0b974b4c193a086fc8d25568d2aafd1b4ffe33a7842f
Referenced In Projects/Scopes: opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification-analyzer:compileClasspath feign-hc5-13.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-hc5 High Vendor gradle artifactid feign-hc5 Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor jar package name hc5 Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-hc5 Medium Vendor pom artifactid feign-hc5 Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign Apache HttpComponents Client 5 High Vendor pom parent-artifactid parent Low Product file name feign-hc5 High Product gradle artifactid feign-hc5 Highest Product jar package name feign Highest Product jar package name hc5 Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign Apache HttpComponents Client 5 Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-hc5 Medium Product pom artifactid feign-hc5 Highest Product pom groupid io.github.openfeign Highest Product pom name Feign Apache HttpComponents Client 5 High Product pom parent-artifactid parent Medium Version file version 13.2.1 High Version gradle version 13.2.1 Highest Version Manifest Bundle-Version 13.2.1 High Version pom version 13.2.1 Highest
feign-httpclient-13.1.jarDescription:
Feign Apache HttpClient License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-httpclient/13.1/7516b64c7c237bd0063b4b470a38d2c574417766/feign-httpclient-13.1.jar
MD5: ccd14e54885f6e5788983dae040e9a37
SHA1: 7516b64c7c237bd0063b4b470a38d2c574417766
SHA256: 39299ddd0e9b91f7b373ddcffdf72fc4105b20329522018df3adc874783b4036
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath feign-httpclient-13.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-httpclient High Vendor gradle artifactid feign-httpclient Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor jar package name httpclient Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-httpclient Medium Vendor pom artifactid feign-httpclient Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign Apache HttpClient High Vendor pom parent-artifactid parent Low Product file name feign-httpclient High Product gradle artifactid feign-httpclient Highest Product jar package name feign Highest Product jar package name httpclient Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign Apache HttpClient Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-httpclient Medium Product pom artifactid feign-httpclient Highest Product pom groupid io.github.openfeign Highest Product pom name Feign Apache HttpClient High Product pom parent-artifactid parent Medium Version file version 13.1 High Version gradle version 13.1 Highest Version pom version 13.1 Highest
feign-httpclient-13.2.1.jarDescription:
Feign Apache HttpClient License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-httpclient/13.2.1/c723c676aff24d914c99d2c392964acc307f692d/feign-httpclient-13.2.1.jar
MD5: 2c24afc0d7af691bd3a43d47a9bbdbec
SHA1: c723c676aff24d914c99d2c392964acc307f692d
SHA256: 1fa42990f3253ff04844d742d9f0dc6f430a05eabdd112b01ddd4aea59eabb4a
Referenced In Projects/Scopes: opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification-analyzer:compileClasspath feign-httpclient-13.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-httpclient High Vendor gradle artifactid feign-httpclient Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor jar package name httpclient Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-httpclient Medium Vendor pom artifactid feign-httpclient Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign Apache HttpClient High Vendor pom parent-artifactid parent Low Product file name feign-httpclient High Product gradle artifactid feign-httpclient Highest Product jar package name feign Highest Product jar package name httpclient Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign Apache HttpClient Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-httpclient Medium Product pom artifactid feign-httpclient Highest Product pom groupid io.github.openfeign Highest Product pom name Feign Apache HttpClient High Product pom parent-artifactid parent Medium Version file version 13.2.1 High Version gradle version 13.2.1 Highest Version Manifest Bundle-Version 13.2.1 High Version pom version 13.2.1 Highest
feign-slf4j-13.1.jarDescription:
Feign SLF4J License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.openfeign/feign-slf4j/13.1/95e0c3035872cccdbb90a852249f6d2719e1dfc6/feign-slf4j-13.1.jar
MD5: f8b15a76bdc25df04f1edcb6f1aaeaab
SHA1: 95e0c3035872cccdbb90a852249f6d2719e1dfc6
SHA256: 53077afe08c9e886486661f6294cedbc93107fb4051c24fc4d4360b84784369d
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath feign-slf4j-13.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name feign-slf4j High Vendor gradle artifactid feign-slf4j Highest Vendor gradle groupid io.github.openfeign Highest Vendor jar package name feign Highest Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://github.com/openfeign Low Vendor Manifest bundle-symbolicname io.github.openfeign.feign-slf4j Medium Vendor pom artifactid feign-slf4j Low Vendor pom groupid io.github.openfeign Highest Vendor pom name Feign SLF4J High Vendor pom parent-artifactid parent Low Product file name feign-slf4j High Product gradle artifactid feign-slf4j Highest Product jar package name feign Highest Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://github.com/openfeign Low Product Manifest Bundle-Name Feign SLF4J Medium Product Manifest bundle-symbolicname io.github.openfeign.feign-slf4j Medium Product pom artifactid feign-slf4j Highest Product pom groupid io.github.openfeign Highest Product pom name Feign SLF4J High Product pom parent-artifactid parent Medium Version file version 13.1 High Version gradle version 13.1 Highest Version pom version 13.1 Highest
freemarker-2.3.32.jarLicense:
Apache License, Version 2.0; see: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.freemarker/freemarker/2.3.32/8607259125d4fbe982754227ea4f75dd513c6d19/freemarker-2.3.32.jar
MD5: 22624adfe32b76fe3be07a84de4e1c03
SHA1: 8607259125d4fbe982754227ea4f75dd513c6d19
SHA256: 04d65ec1bde6cea20e3495d5e78ef96ab774d9936434861d3254bd88e7e94f92
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath freemarker-2.3.32.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name freemarker High Vendor gradle artifactid freemarker Highest Vendor gradle groupid org.freemarker Highest Vendor jar package name freemarker Highest Vendor jar package name freemarker Low Vendor Manifest automatic-module-name freemarker Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8, JavaSE-1.7 Low Vendor Manifest bundle-symbolicname org.freemarker.freemarker Medium Vendor Manifest extension-name FreeMarker Medium Vendor Manifest Implementation-Vendor freemarker.org High Vendor Manifest specification-vendor freemarker.org Low Product file name freemarker High Product gradle artifactid freemarker Highest Product jar package name freemarker Highest Product Manifest automatic-module-name freemarker Medium Product Manifest Bundle-Name org.freemarker.freemarker Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8, JavaSE-1.7 Low Product Manifest bundle-symbolicname org.freemarker.freemarker Medium Product Manifest extension-name FreeMarker Medium Product Manifest Implementation-Title FreeMarker High Product Manifest specification-title FreeMarker Medium Version file version 2.3.32 High Version Manifest Implementation-Version 2.3.32 High
functionaljava-4.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.functionaljava/functionaljava/4.8/4ba128b3201038d3088a06b2f33fac17d65ad817/functionaljava-4.8.jarMD5: 540924b32ea6b4fb716f4a7b844fde88SHA1: 4ba128b3201038d3088a06b2f33fac17d65ad817SHA256: 13793ca76d765993ca6cfe919f2c4f5f57362853cf281177c5f8240532aaaee8Referenced In Projects/Scopes:
opencdx-health:spotless-511629411 opencdx-iam:spotless-511629411 opencdx-admin:spotless-511629411 opencdx-audit:spotless-511629411 opencdx-communications:spotless-511629411 OpenCDX:spotless-511629411 opencdx-gateway:spotless-511629411 opencdx-tinkar:spotless-511629411 opencdx-commons:spotless-511629411 opencdx-logistics:spotless-511629411 opencdx-client:spotless-511629411 opencdx-questionnaire:spotless-511629411 opencdx-config:spotless-511629411 opencdx-discovery:spotless-511629411 opencdx-media:spotless-511629411 opencdx-classification-analyzer:spotless-511629411 opencdx-proto:spotless-511629411 opencdx-helloworld:spotless-511629411 opencdx-classification:spotless-511629411 functionaljava-4.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 Evidence Type Source Name Value Confidence Vendor file name functionaljava High Vendor gradle artifactid functionaljava Highest Vendor gradle groupid org.functionaljava Highest Vendor jar package name data Low Vendor jar package name fj Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname org.functionaljava Medium Product file name functionaljava High Product gradle artifactid functionaljava Highest Product jar package name data Low Product jar package name java Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest Bundle-Name Functional Java Medium Product Manifest bundle-symbolicname org.functionaljava Medium Version file name functionaljava Medium Version file version 4.8 High Version gradle version 4.8 Highest Version Manifest Bundle-Version 4.8 High Version Manifest signature-version 4.8 Medium
google-java-format-1.18.1.jarDescription:
A Java source code formatter that follows Google Java Style.
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.googlejavaformat/google-java-format/1.18.1/e0af1ea2d21fa20914b3a1308cd64d3dcd37d797/google-java-format-1.18.1.jarMD5: 488ee087f72edf74201aa8872b0d07c4SHA1: e0af1ea2d21fa20914b3a1308cd64d3dcd37d797SHA256: ebbe63a3dbc0dc2efafaad1df6408f0b510239ccc5e4595bf499ba479e0ae4a9Referenced In Projects/Scopes:
opencdx-questionnaire:spotless865458226 opencdx-commons:spotless865458226 opencdx-proto:spotless865458226 opencdx-tinkar:spotless865458226 opencdx-gateway:spotless865458226 opencdx-config:spotless865458226 opencdx-health:spotless865458226 opencdx-classification:spotless865458226 opencdx-communications:spotless865458226 opencdx-discovery:spotless865458226 OpenCDX:spotless865458226 opencdx-admin:spotless865458226 opencdx-helloworld:spotless865458226 opencdx-iam:spotless865458226 opencdx-media:spotless865458226 opencdx-client:spotless865458226 opencdx-audit:spotless865458226 opencdx-classification-analyzer:spotless865458226 opencdx-logistics:spotless865458226 google-java-format-1.18.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name google-java-format High Vendor gradle artifactid google-java-format Highest Vendor gradle groupid com.google.googlejavaformat Highest Vendor jar package name formatter Highest Vendor jar package name google Highest Vendor jar package name googlejavaformat Highest Vendor jar package name java Highest Vendor Manifest add-exports jdk.compiler/com.sun.tools.javac.api jdk.compiler/com.sun.tools.javac.code jdk.compiler/com.sun.tools.javac.file jdk.compiler/com.sun.tools.javac.parser jdk.compiler/com.sun.tools.javac.tree jdk.compiler/com.sun.tools.javac.util Low Vendor Manifest automatic-module-name com.google.googlejavaformat Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Google Inc. High Vendor pom artifactid google-java-format Low Vendor pom groupid com.google.googlejavaformat Highest Vendor pom name Google Java Format High Vendor pom parent-artifactid google-java-format-parent Low Product file name google-java-format High Product gradle artifactid google-java-format Highest Product jar package name formatter Highest Product jar package name google Highest Product jar package name googlejavaformat Highest Product jar package name java Highest Product Manifest add-exports jdk.compiler/com.sun.tools.javac.api jdk.compiler/com.sun.tools.javac.code jdk.compiler/com.sun.tools.javac.file jdk.compiler/com.sun.tools.javac.parser jdk.compiler/com.sun.tools.javac.tree jdk.compiler/com.sun.tools.javac.util Low Product Manifest automatic-module-name com.google.googlejavaformat Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Google Java Format High Product pom artifactid google-java-format Highest Product pom groupid com.google.googlejavaformat Highest Product pom name Google Java Format High Product pom parent-artifactid google-java-format-parent Medium Version file version 1.18.1 High Version gradle version 1.18.1 Highest Version Manifest Implementation-Version 1.18.1 High Version pom version 1.18.1 Highest
graph.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/graph.jsMD5: 767b08a3e3339929054d638e26de3e96SHA1: fafaf6d201c5b234a3b848ca40050e170aafb958SHA256: f6a170f798330d734dedd192198644115735e9a9e39d6aadbf8962a018402f68Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
grpc-api-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-api/1.57.0/768ab3e583b213a3672ec776e70765b594e8bbe5/grpc-api-1.57.0.jarMD5: 25179b8be2f4341720fafdcd11b51d61SHA1: 768ab3e583b213a3672ec776e70765b594e8bbe5SHA256: 8d2c384299f84ee8aa7f670f00e7cb26b87e231cf3091474307b32b76910f71cReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath grpc-api-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name grpc-api High Vendor gradle artifactid grpc-api Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Product file name grpc-api High Product gradle artifactid grpc-api Highest Product jar package name grpc Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-api-1.57.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-api/1.57.2/c71a006b81ddae7bc4b7cb1d2da78c1b173761f4/grpc-api-1.57.2.jarMD5: e891c1deb767846405d8b41932130145SHA1: c71a006b81ddae7bc4b7cb1d2da78c1b173761f4SHA256: 42b72e6572c084055ac3ce03e6efe433eb05ef620b3daf5136a4359fc72cc3e1Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-proto:runtimeClasspath opencdx-proto:compileClasspath opencdx-proto:compileProtoPath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-proto:productionRuntimeClasspath opencdx-iam:runtimeClasspath grpc-api-1.57.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-api High Vendor gradle artifactid grpc-api Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Product file name grpc-api High Product gradle artifactid grpc-api Highest Product jar package name grpc Low Product Manifest Implementation-Title jar High Version file version 1.57.2 High Version Manifest Implementation-Version 1.57.2 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-context-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-context/1.57.0/8d8f26a9b0bed637ee4592e1df3ef134ed2c54fd/grpc-context-1.57.0.jarMD5: ed88ac1122e642ff9b75b63a2de16342SHA1: 8d8f26a9b0bed637ee4592e1df3ef134ed2c54fdSHA256: 953fcacd82f531e69b76e3834f5830bad4c22ae84144e058d71dc80a7430275dReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath grpc-context-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-context High Vendor gradle artifactid grpc-context Highest Vendor gradle groupid io.grpc Highest Product file name grpc-context High Product gradle artifactid grpc-context Highest Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-core-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-core/1.57.0/2b6ef5166f31315098fff9bb85f33ab5fed58f6b/grpc-core-1.57.0.jarMD5: 7898f59f1265a5426146c5af22c74088SHA1: 2b6ef5166f31315098fff9bb85f33ab5fed58f6bSHA256: 3bee48c73bc4c5b55bed79be0e484adf26ba56bebbe5798ddbf34714ef1e1ceaReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath grpc-core-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-core High Vendor gradle artifactid grpc-core Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name internal Low Vendor jar package name io Low Product file name grpc-core High Product gradle artifactid grpc-core Highest Product jar package name grpc Low Product jar package name internal Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-netty-shaded-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-netty-shaded/1.57.0/69df955c77367f160b0e8c46780d256b67bf8c0f/grpc-netty-shaded-1.57.0.jarMD5: ee8170bce81a6a9fa5e784c4565bcc57SHA1: 69df955c77367f160b0e8c46780d256b67bf8c0fSHA256: a66fd247ae11de3bbaddef4c5afd5eb1d387dc163e26e2efc35e196785785fc5Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath grpc-netty-shaded-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-netty-shaded High Vendor gradle artifactid grpc-netty-shaded Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name netty Low Product file name grpc-netty-shaded High Product gradle artifactid grpc-netty-shaded Highest Product jar package name grpc Low Product jar package name netty Low Product jar package name shaded Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-protobuf-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-protobuf/1.57.0/49986e40de6cbd14ba26247639b18ab0bac921c1/grpc-protobuf-1.57.0.jarMD5: b17134b384e6422f5bf698ff120ccfa6SHA1: 49986e40de6cbd14ba26247639b18ab0bac921c1SHA256: 49f986d4eab12610fdba4a6890fca52d5eb653598916fdb863a366d5e28eecf7Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath grpc-protobuf-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name grpc-protobuf High Vendor gradle artifactid grpc-protobuf Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name protobuf Low Product file name grpc-protobuf High Product gradle artifactid grpc-protobuf Highest Product jar package name grpc Low Product jar package name protobuf Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-protobuf-1.57.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-protobuf/1.57.2/a8354b878571970c518994b95627dc527270bfc4/grpc-protobuf-1.57.2.jarMD5: 884394a1867c8cdb9a2fb8eb43b5105fSHA1: a8354b878571970c518994b95627dc527270bfc4SHA256: 31630d8a9e9f08a959862015e30a4863908be3680c3a686f4c1f08d2ffeaf706Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-proto:runtimeClasspath opencdx-proto:compileClasspath opencdx-proto:compileProtoPath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-proto:productionRuntimeClasspath opencdx-iam:runtimeClasspath grpc-protobuf-1.57.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-protobuf High Vendor gradle artifactid grpc-protobuf Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name protobuf Low Product file name grpc-protobuf High Product gradle artifactid grpc-protobuf Highest Product jar package name grpc Low Product jar package name protobuf Low Product Manifest Implementation-Title jar High Version file version 1.57.2 High Version Manifest Implementation-Version 1.57.2 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-protobuf-lite-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-protobuf-lite/1.57.0/ca0084219b71d29cd9bfc3b81780aca91a965753/grpc-protobuf-lite-1.57.0.jarMD5: d5f93d64063240d90692ebe8f2ee25f7SHA1: ca0084219b71d29cd9bfc3b81780aca91a965753SHA256: 2c507c02d981b84a21763d44e09af4f279881dd3e25be3080f6361258607f198Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath grpc-protobuf-lite-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name grpc-protobuf-lite High Vendor gradle artifactid grpc-protobuf-lite Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name protobuf Low Product file name grpc-protobuf-lite High Product gradle artifactid grpc-protobuf-lite Highest Product jar package name grpc Low Product jar package name lite Low Product jar package name protobuf Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-protobuf-lite-1.57.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-protobuf-lite/1.57.2/14d8e0cab40bf2f661e07b8d0dcc4192d4e9e85a/grpc-protobuf-lite-1.57.2.jarMD5: 8ca97912775e09e543158b64e0aa859aSHA1: 14d8e0cab40bf2f661e07b8d0dcc4192d4e9e85aSHA256: fc4917dc5d419ac810fb3f27523c14e75e1fe50372154fab29324215ee6a955aReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-proto:runtimeClasspath opencdx-proto:compileClasspath opencdx-proto:compileProtoPath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-proto:productionRuntimeClasspath opencdx-iam:runtimeClasspath grpc-protobuf-lite-1.57.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-protobuf-lite High Vendor gradle artifactid grpc-protobuf-lite Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name protobuf Low Product file name grpc-protobuf-lite High Product gradle artifactid grpc-protobuf-lite Highest Product jar package name grpc Low Product jar package name lite Low Product jar package name protobuf Low Product Manifest Implementation-Title jar High Version file version 1.57.2 High Version Manifest Implementation-Version 1.57.2 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-services-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-services/1.57.0/7b05ca2600e5fa2414dd6d7d69efe1f718b66e59/grpc-services-1.57.0.jarMD5: eb0ca38c29eedb4ef177703d73f9b7a5SHA1: 7b05ca2600e5fa2414dd6d7d69efe1f718b66e59SHA256: 26b5dc949efb5ee6af829cf2316f257f019071017a0ead0061b6efb4a630e46aReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath grpc-services-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-services High Vendor gradle artifactid grpc-services Highest Vendor gradle groupid io.grpc Highest Vendor jar package name channelz Low Vendor jar package name grpc Low Vendor jar package name io Low Product file name grpc-services High Product gradle artifactid grpc-services Highest Product jar package name channelz Low Product jar package name grpc Low Product jar package name v1 Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-spring-boot-starter-5.1.4.jar grpc-stub-1.57.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-stub/1.57.0/262e1469c080164d5e2459f4908394d66f4e8828/grpc-stub-1.57.0.jarMD5: eebfe1d1a0972861b91bf5887c842e7cSHA1: 262e1469c080164d5e2459f4908394d66f4e8828SHA256: 6e6ee141539fa14d9fa479f7f511605544443c7e011e78e273cf9468aa183060Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-iam:compileClasspath opencdx-classification:compileClasspath opencdx-communications:compileClasspath grpc-stub-1.57.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name grpc-stub High Vendor gradle artifactid grpc-stub Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name stub Low Product file name grpc-stub High Product gradle artifactid grpc-stub Highest Product jar package name grpc Low Product jar package name stub Low Product Manifest Implementation-Title jar High Version file version 1.57.0 High Version Manifest Implementation-Version 1.57.0 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
grpc-stub-1.57.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.grpc/grpc-stub/1.57.2/df47b4eb69fb36940689649400c8e9cbf7c3dc2c/grpc-stub-1.57.2.jarMD5: 47876a053863766a231b1c4ca0b07a51SHA1: df47b4eb69fb36940689649400c8e9cbf7c3dc2cSHA256: 84d2af12719168f76375f2afdfd6eb5133a865edba9244d40e6b968e3adde1d3Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-proto:runtimeClasspath opencdx-proto:compileClasspath opencdx-proto:compileProtoPath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-proto:productionRuntimeClasspath opencdx-iam:runtimeClasspath grpc-stub-1.57.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name grpc-stub High Vendor gradle artifactid grpc-stub Highest Vendor gradle groupid io.grpc Highest Vendor jar package name grpc Low Vendor jar package name io Low Vendor jar package name stub Low Product file name grpc-stub High Product gradle artifactid grpc-stub Highest Product jar package name grpc Low Product jar package name stub Low Product Manifest Implementation-Title jar High Version file version 1.57.2 High Version Manifest Implementation-Version 1.57.2 High
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
gson-2.10.1.jar guava-19.0.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has only one code dependency - javax.annotation,
per the JSR-305 spec.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/19.0/6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9/guava-19.0.jar
MD5: 43bfc49bdc7324f6daaa60c1ee9f3972
SHA1: 6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9
SHA256: 58d4cc2e05ebb012bbac568b032f75623be1cb6fb096f3c60c72a86f7f057de4
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-admin:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-admin:runtimeClasspath opencdx-config:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-gateway:runtimeClasspath guava-19.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name google Highest Vendor Manifest bundle-docurl https://guava-libraries.googlecode.com/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product file name guava High Product gradle artifactid guava Highest Product jar package name google Highest Product Manifest bundle-docurl https://guava-libraries.googlecode.com/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version file version 19.0 High Version gradle version 19.0 Highest Version pom version 19.0 Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2018-10237 suppress
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:2.2/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
guava-31.1-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/31.1-jre/60458f877d055d0c9114d9e1a2efb737b4bc282c/guava-31.1-jre.jar
MD5: e37782d974104aa3b0a7bee9927c8042
SHA1: 60458f877d055d0c9114d9e1a2efb737b4bc282c
SHA256: a42edc9cab792e39fe39bb94f3fca655ed157ff87a8af78e1d6ba5b07c4a00ab
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 guava-31.1-jre.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product gradle artifactid guava Highest Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version gradle version 31.1-jre Highest Version pom version 31.1-jre Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
guava-32.0.1-android.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/32.0.1-android/d3fe54a75aeaca33fc562a2a9c1dc181e54cc5e9/guava-32.0.1-android.jar
MD5: 06337414d48d59da0e4b2b15adc248bb
SHA1: d3fe54a75aeaca33fc562a2a9c1dc181e54cc5e9
SHA256: 12429ff9ac33b7afd8b1a5071179757cf4d3c47f0f4099bc0384e644ecbf82dd
Referenced In Projects/Scopes: opencdx-proto:compileProtoPath opencdx-client:compileClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-proto:runtimeClasspath opencdx-iam:compileClasspath opencdx-proto:productionRuntimeClasspath opencdx-proto:compileClasspath opencdx-communications:compileClasspath guava-32.0.1-android.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-stub@1.57.2 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product gradle artifactid guava Highest Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version gradle version 32.0.1-android Highest Version pom version 32.0.1-android Highest
guava-32.0.1-jre.jar guava-32.1.1-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/32.1.1-jre/ad575652d84153075dd41ec6177ccb15251262b2/guava-32.1.1-jre.jar
MD5: 55870c9a31bf9ba2815f252a93ab0850
SHA1: ad575652d84153075dd41ec6177ccb15251262b2
SHA256: 91fbba37f1c8b251cf9ea9e7d3a369eb79eb1e6a5df1d4bbf483dd0380740281
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath guava-32.1.1-jre.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product gradle artifactid guava Highest Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version gradle version 32.1.1-jre Highest Version pom version 32.1.1-jre Highest
guava-32.1.2-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/32.1.2-jre/5e64ec7e056456bef3a4bc4c6fdaef71e8ab6318/guava-32.1.2-jre.jar
MD5: 5fe031b3b35ed56182478811a931d617
SHA1: 5e64ec7e056456bef3a4bc4c6fdaef71e8ab6318
SHA256: bc65dea7cfd9e4dacf8419d8af0e741655857d27885bb35d943d7187fc3a8fce
Referenced In Projects/Scopes: opencdx-health:spotless-511629411 opencdx-iam:spotless-511629411 opencdx-admin:spotless-511629411 opencdx-audit:spotless-511629411 opencdx-communications:spotless-511629411 OpenCDX:spotless-511629411 opencdx-gateway:spotless-511629411 opencdx-tinkar:spotless-511629411 opencdx-commons:spotless-511629411 opencdx-logistics:spotless-511629411 opencdx-client:spotless-511629411 opencdx-questionnaire:spotless-511629411 opencdx-config:spotless-511629411 opencdx-discovery:spotless-511629411 opencdx-media:spotless-511629411 opencdx-classification-analyzer:spotless-511629411 opencdx-proto:spotless-511629411 opencdx-helloworld:spotless-511629411 opencdx-classification:spotless-511629411 guava-32.1.2-jre.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product gradle artifactid guava Highest Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version gradle version 32.1.2-jre Highest Version pom version 32.1.2-jre Highest
guava-32.1.3-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, Google's collections, I/O classes, and
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/32.1.3-jre/f306708742ce2bf0fb0901216183bc14073feae/guava-32.1.3-jre.jar
MD5: adc3cf557a48d15cb71be90948558923
SHA1: 0f306708742ce2bf0fb0901216183bc14073feae
SHA256: 6d4e2b5a118aab62e6e5e29d185a0224eed82c85c40ac3d33cf04a270c3b3744
Referenced In Projects/Scopes: opencdx-questionnaire:spotless865458226 opencdx-commons:spotless865458226 opencdx-proto:spotless865458226 opencdx-tinkar:spotless865458226 opencdx-gateway:spotless865458226 opencdx-config:spotless865458226 opencdx-health:spotless865458226 opencdx-classification:spotless865458226 opencdx-communications:spotless865458226 opencdx-discovery:spotless865458226 OpenCDX:spotless865458226 opencdx-admin:spotless865458226 opencdx-helloworld:spotless865458226 opencdx-iam:spotless865458226 opencdx-media:spotless865458226 opencdx-client:spotless865458226 opencdx-audit:spotless865458226 opencdx-classification-analyzer:spotless865458226 opencdx-logistics:spotless865458226 guava-32.1.3-jre.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/com.google.googlejavaformat/google-java-format@1.18.1 Evidence Type Source Name Value Confidence Vendor file name guava High Vendor gradle artifactid guava Highest Vendor gradle groupid com.google.guava Highest Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Vendor pom url google/guava Highest Product file name guava High Product gradle artifactid guava Highest Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Product pom url google/guava High Version gradle version 32.1.3-jre Highest Version pom version 32.1.3-jre Highest
hamcrest-2.2.jar hapi-fhir-base-6.8.7.jarDescription:
An open-source implementation of the FHIR specification in Java. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ca.uhn.hapi.fhir/hapi-fhir-base/6.8.7/77a397cffe2959f8fa28431cfed14de0de6003a8/hapi-fhir-base-6.8.7.jar
MD5: ab2aa48f58566b3033c7f636eb33e82b
SHA1: 77a397cffe2959f8fa28431cfed14de0de6003a8
SHA256: 8fac610d2a33f8d578052c86a3bf0789cd739d934a99c95b61ca88f5a18a5b0a
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath hapi-fhir-base-6.8.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 Evidence Type Source Name Value Confidence Vendor file name hapi-fhir-base High Vendor gradle artifactid hapi-fhir-base Highest Vendor gradle groupid ca.uhn.hapi.fhir Highest Vendor jar package name ca Highest Vendor jar package name fhir Highest Vendor jar package name uhn Highest Vendor Manifest bundle-docurl https://smilecdr.com Low Vendor Manifest bundle-symbolicname ca.uhn.hapi.fhir.hapi-fhir-base Medium Vendor pom artifactid hapi-fhir-base Low Vendor pom groupid ca.uhn.hapi.fhir Highest Vendor pom name HAPI FHIR - Core Library High Vendor pom parent-artifactid hapi-deployable-pom Low Vendor pom url http://jamesagnew.github.io/hapi-fhir/ Highest Product file name hapi-fhir-base High Product gradle artifactid hapi-fhir-base Highest Product jar package name ca Highest Product jar package name fhir Highest Product jar package name uhn Highest Product Manifest bundle-docurl https://smilecdr.com Low Product Manifest Bundle-Name HAPI FHIR - Core Library Medium Product Manifest bundle-symbolicname ca.uhn.hapi.fhir.hapi-fhir-base Medium Product pom artifactid hapi-fhir-base Highest Product pom groupid ca.uhn.hapi.fhir Highest Product pom name HAPI FHIR - Core Library High Product pom parent-artifactid hapi-deployable-pom Medium Product pom url http://jamesagnew.github.io/hapi-fhir/ Medium Version file version 6.8.7 High Version gradle version 6.8.7 Highest Version Manifest Bundle-Version 6.8.7 High Version pom version 6.8.7 Highest
hapi-fhir-caching-api-6.8.7.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ca.uhn.hapi.fhir/hapi-fhir-caching-api/6.8.7/6bede1ef17ea2a662a0f9f926bcdd2e0d9d58014/hapi-fhir-caching-api-6.8.7.jarMD5: 629348e5df0ddc47ffb289adfd17d00dSHA1: 6bede1ef17ea2a662a0f9f926bcdd2e0d9d58014SHA256: d5a32261bbae5fc7050d2022a483ff6f8d512c2502870dd5412b8a705966895dReferenced In Projects/Scopes:
opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath hapi-fhir-caching-api-6.8.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 Evidence Type Source Name Value Confidence Vendor file name hapi-fhir-caching-api High Vendor gradle artifactid hapi-fhir-caching-api Highest Vendor gradle groupid ca.uhn.hapi.fhir Highest Vendor jar package name ca Highest Vendor jar package name fhir Highest Vendor jar package name uhn Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid hapi-fhir-caching-api Low Vendor pom groupid ca.uhn.hapi.fhir Highest Vendor pom name HAPI FHIR - ServiceLoaders - Caching API High Vendor pom parent-artifactid hapi-fhir-serviceloaders Low Product file name hapi-fhir-caching-api High Product gradle artifactid hapi-fhir-caching-api Highest Product jar package name ca Highest Product jar package name fhir Highest Product jar package name uhn Highest Product Manifest build-jdk-spec 17 Low Product pom artifactid hapi-fhir-caching-api Highest Product pom groupid ca.uhn.hapi.fhir Highest Product pom name HAPI FHIR - ServiceLoaders - Caching API High Product pom parent-artifactid hapi-fhir-serviceloaders Medium Version file version 6.8.7 High Version gradle version 6.8.7 Highest Version pom version 6.8.7 Highest
hapi-fhir-structures-r4-6.8.7.jarDescription:
An open-source implementation of the FHIR specification in Java. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ca.uhn.hapi.fhir/hapi-fhir-structures-r4/6.8.7/e68349b4897a93ecf0cd4b9b64250230cd0d18bd/hapi-fhir-structures-r4-6.8.7.jar
MD5: 95e705e66e306c148a83d4dbe76e1a2a
SHA1: e68349b4897a93ecf0cd4b9b64250230cd0d18bd
SHA256: b6025e729ad841b35de8c4aebcad365ee6814132783715d280147675ff6b04b6
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath hapi-fhir-structures-r4-6.8.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name hapi-fhir-structures-r4 High Vendor gradle artifactid hapi-fhir-structures-r4 Highest Vendor gradle groupid ca.uhn.hapi.fhir Highest Vendor jar package name fhir Highest Vendor jar package name hapi Highest Vendor jar package name r4 Highest Vendor Manifest bundle-docurl https://smilecdr.com Low Vendor Manifest bundle-symbolicname ca.uhn.hapi.fhir.hapi-fhir-structures-r4 Medium Vendor pom artifactid hapi-fhir-structures-r4 Low Vendor pom groupid ca.uhn.hapi.fhir Highest Vendor pom name HAPI FHIR Structures - FHIR R4 High Vendor pom parent-artifactid hapi-deployable-pom Low Product file name hapi-fhir-structures-r4 High Product gradle artifactid hapi-fhir-structures-r4 Highest Product jar package name fhir Highest Product jar package name hapi Highest Product jar package name r4 Highest Product Manifest bundle-docurl https://smilecdr.com Low Product Manifest Bundle-Name HAPI FHIR Structures - FHIR R4 Medium Product Manifest bundle-symbolicname ca.uhn.hapi.fhir.hapi-fhir-structures-r4 Medium Product pom artifactid hapi-fhir-structures-r4 Highest Product pom groupid ca.uhn.hapi.fhir Highest Product pom name HAPI FHIR Structures - FHIR R4 High Product pom parent-artifactid hapi-deployable-pom Medium Version file version 6.8.7 High Version gradle version 6.8.7 Highest Version Manifest Bundle-Version 6.8.7 High Version pom version 6.8.7 Highest
hashtable.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/hashtable.jsMD5: 041054fb273de9c0ecdbaeef262050d9SHA1: cc6195785f49aa649bfa5d69752f90d6cc0641a5SHA256: cf415d8a03db62dcfef3849d2b68de93339e69f564bd1cdea3eb686aebfdf7fbReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
hibernate-validator-8.0.1.Final.jar hk2-api-3.0.5.jarDescription:
HK2 API module License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2/hk2-api/3.0.5/6774367a6780ea4fedc19425981f1b86762a3506/hk2-api-3.0.5.jar
MD5: 45ceb9f175cb81c47736b300204ae3a3
SHA1: 6774367a6780ea4fedc19425981f1b86762a3506
SHA256: 0b8e548172f10381ad61ce8afaf205a1992dc4ea9a95b9008c3666de72d21b0d
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath hk2-api-3.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name hk2-api High Vendor gradle artifactid hk2-api Highest Vendor gradle groupid org.glassfish.hk2 Highest Vendor jar package name api Highest Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor Manifest automatic-module-name org.glassfish.hk2.api Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.api Medium Vendor pom artifactid hk2-api Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name HK2 API module High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-api High Product gradle artifactid hk2-api Highest Product jar package name api Highest Product jar package name glassfish Highest Product jar package name hk2 Highest Product Manifest automatic-module-name org.glassfish.hk2.api Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name HK2 API module Medium Product Manifest bundle-symbolicname org.glassfish.hk2.api Medium Product pom artifactid hk2-api Highest Product pom groupid org.glassfish.hk2 Highest Product pom name HK2 API module High Product pom parent-artifactid hk2-parent Medium Version file version 3.0.5 High Version gradle version 3.0.5 Highest Version Manifest Bundle-Version 3.0.5 High Version pom version 3.0.5 Highest
hk2-locator-3.0.5.jarDescription:
ServiceLocator Default Implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2/hk2-locator/3.0.5/ea4a4d2c187dead10c998ebb3c3d6ce5133f5637/hk2-locator-3.0.5.jar
MD5: 60114dfe312d23123de543ea35e4fe7e
SHA1: ea4a4d2c187dead10c998ebb3c3d6ce5133f5637
SHA256: b052277dbdcaef810f1b42b10e9416c23e7ccfa0c195b0a5344d80cc178631ec
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath hk2-locator-3.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name hk2-locator High Vendor gradle artifactid hk2-locator Highest Vendor gradle groupid org.glassfish.hk2 Highest Vendor jar package name hk2 Highest Vendor Manifest automatic-module-name org.glassfish.hk2.locator Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.locator Medium Vendor pom artifactid hk2-locator Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name ServiceLocator Default Implementation High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-locator High Product gradle artifactid hk2-locator Highest Product jar package name hk2 Highest Product Manifest automatic-module-name org.glassfish.hk2.locator Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name ServiceLocator Default Implementation Medium Product Manifest bundle-symbolicname org.glassfish.hk2.locator Medium Product pom artifactid hk2-locator Highest Product pom groupid org.glassfish.hk2 Highest Product pom name ServiceLocator Default Implementation High Product pom parent-artifactid hk2-parent Medium Version file version 3.0.5 High Version gradle version 3.0.5 Highest Version Manifest Bundle-Version 3.0.5 High Version pom version 3.0.5 Highest
hk2-utils-3.0.5.jarDescription:
HK2 Implementation Utilities License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2/hk2-utils/3.0.5/4d65eff85bd778f66e448be1049be8b9530a028f/hk2-utils-3.0.5.jar
MD5: 567df075ca2f9da0d059ccaf984f1ba8
SHA1: 4d65eff85bd778f66e448be1049be8b9530a028f
SHA256: af43ea4ae1e05f3860bc5f2e23202bdd2106b7947a8ecd7b1fd3994daa78babb
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath hk2-utils-3.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name hk2-utils High Vendor gradle artifactid hk2-utils Highest Vendor gradle groupid org.glassfish.hk2 Highest Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor jar package name utilities Highest Vendor Manifest automatic-module-name org.glassfish.hk2.utilities Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.utils Medium Vendor Manifest service foo Low Vendor pom artifactid hk2-utils Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name HK2 Implementation Utilities High Vendor pom parent-artifactid hk2-parent Low Product file name hk2-utils High Product gradle artifactid hk2-utils Highest Product jar package name glassfish Highest Product jar package name hk2 Highest Product jar package name utilities Highest Product Manifest automatic-module-name org.glassfish.hk2.utilities Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name HK2 Implementation Utilities Medium Product Manifest bundle-symbolicname org.glassfish.hk2.utils Medium Product Manifest service foo Low Product pom artifactid hk2-utils Highest Product pom groupid org.glassfish.hk2 Highest Product pom name HK2 Implementation Utilities High Product pom parent-artifactid hk2-parent Medium Version file version 3.0.5 High Version gradle version 3.0.5 Highest Version Manifest Bundle-Version 3.0.5 High Version pom version 3.0.5 Highest
httpclient-4.5.14.jarDescription:
Apache HttpComponents Client
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.httpcomponents/httpclient/4.5.14/1194890e6f56ec29177673f2f12d0b8e627dec98/httpclient-4.5.14.jarMD5: 2cb357c4b763f47e58af6cad47df6ba3SHA1: 1194890e6f56ec29177673f2f12d0b8e627dec98SHA256: c8bc7e1c51a6d4ce72f40d2ebbabf1c4b68bfe76e732104b04381b493478e9d6Referenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-config:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-config:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification-analyzer:compileClasspath opencdx-config:productionRuntimeClasspath httpclient-4.5.14.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name httpclient High Vendor gradle artifactid httpclient Highest Vendor gradle groupid org.apache.httpcomponents Highest Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name httpclient Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.httpcomponents Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid httpclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client-ga Highest Product file name httpclient High Product gradle artifactid httpclient Highest Product jar package name apache Highest Product jar package name client Highest Product jar package name http Highest Product jar package name httpclient Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpclient Medium Product Manifest Implementation-Title Apache HttpClient High Product Manifest implementation-url http://hc.apache.org/httpcomponents-client-ga Low Product Manifest specification-title Apache HttpClient Medium Product pom artifactid httpclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client-ga Medium Version file version 4.5.14 High Version gradle version 4.5.14 Highest Version Manifest Implementation-Version 4.5.14 High Version pom version 4.5.14 Highest
httpclient-4.5.3.jarDescription:
Apache HttpComponents Client
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.httpcomponents/httpclient/4.5.3/d1577ae15f01ef5438c5afc62162457c00a34713/httpclient-4.5.3.jarMD5: 1965ebb7aca0f9f8faaed3870d8cf689SHA1: d1577ae15f01ef5438c5afc62162457c00a34713SHA256: db3d1b6c2d6a5e5ad47577ad61854e2f0e0936199b8e05eb541ed52349263135Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath httpclient-4.5.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name httpclient High Vendor gradle artifactid httpclient Highest Vendor gradle groupid org.apache.httpcomponents Highest Vendor jar package name apache Highest Vendor jar package name client Highest Vendor jar package name httpclient Highest Vendor Manifest implementation-build tags/4.5.3-RC1/httpclient@r1779741; 2017-01-21 16:58:35+0100 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest url http://hc.apache.org/httpcomponents-client Low Vendor pom artifactid httpclient Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpClient High Vendor pom parent-artifactid httpcomponents-client Low Vendor pom url http://hc.apache.org/httpcomponents-client Highest Product file name httpclient High Product gradle artifactid httpclient Highest Product jar package name apache Highest Product jar package name client Highest Product jar package name http Highest Product jar package name httpclient Highest Product Manifest implementation-build tags/4.5.3-RC1/httpclient@r1779741; 2017-01-21 16:58:35+0100 Low Product Manifest Implementation-Title HttpComponents Apache HttpClient High Product Manifest specification-title HttpComponents Apache HttpClient Medium Product Manifest url http://hc.apache.org/httpcomponents-client Low Product pom artifactid httpclient Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpClient High Product pom parent-artifactid httpcomponents-client Medium Product pom url http://hc.apache.org/httpcomponents-client Medium Version file version 4.5.3 High Version gradle version 4.5.3 Highest Version Manifest Implementation-Version 4.5.3 High Version pom version 4.5.3 Highest
CVE-2020-13956 suppress
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
httpclient5-5.2.3.jar httpcore-4.4.16.jarDescription:
Apache HttpComponents Core (blocking I/O)
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.httpcomponents/httpcore/4.4.16/51cf043c87253c9f58b539c9f7e44c8894223850/httpcore-4.4.16.jarMD5: 28d2cd9bf8789fd2ec774fb88436ebd1SHA1: 51cf043c87253c9f58b539c9f7e44c8894223850SHA256: 6c9b3dd142a09dc468e23ad39aad6f75a0f2b85125104469f026e52a474e464fReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath httpcore-4.4.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/io.github.openfeign/feign-httpclient@13.2.1 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name httpcore High Vendor gradle artifactid httpcore Highest Vendor gradle groupid org.apache.httpcomponents Highest Vendor jar package name apache Highest Vendor Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Vendor Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest url http://hc.apache.org/httpcomponents-core-ga Low Vendor pom artifactid httpcore Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom name Apache HttpCore High Vendor pom parent-artifactid httpcomponents-core Low Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Product file name httpcore High Product gradle artifactid httpcore Highest Product jar package name apache Highest Product jar package name http Highest Product Manifest automatic-module-name org.apache.httpcomponents.httpcore Medium Product Manifest implementation-build ${scmBranch}@r${buildNumber}; 2022-11-26 09:44:32+0000 Low Product Manifest Implementation-Title HttpComponents Apache HttpCore High Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest specification-title HttpComponents Apache HttpCore Medium Product Manifest url http://hc.apache.org/httpcomponents-core-ga Low Product pom artifactid httpcore Highest Product pom groupid org.apache.httpcomponents Highest Product pom name Apache HttpCore High Product pom parent-artifactid httpcomponents-core Medium Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Version file version 4.4.16 High Version gradle version 4.4.16 Highest Version Manifest Implementation-Version 4.4.16 High Version pom version 4.4.16 Highest
httpcore5-5.2.4.jar httpcore5-h2-5.2.4.jar icu4j-72.1.jarDescription:
International Components for Unicode for Java File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.ibm.icu/icu4j/72.1/bc9057df4b5efddf7f6d1880bf7f3399f4ce5633/icu4j-72.1.jarMD5: b98735702f497dd482638bedc16a1c09SHA1: bc9057df4b5efddf7f6d1880bf7f3399f4ce5633SHA256: 3df572b240a68d13b5cd778ad2393e885d26411434cd8f098ac5987ea2e64ce3Referenced In Projects/Scopes:
opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath icu4j-72.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 Evidence Type Source Name Value Confidence Vendor file name icu4j High Vendor file (hint) name icu-project High Vendor file (hint) name unicode High Vendor gradle artifactid icu4j Highest Vendor gradle groupid com.ibm.icu Highest Vendor gradle (hint) artifactid icu-project Highest Vendor gradle (hint) artifactid unicode Highest Vendor jar package name ibm Highest Vendor jar package name ibm Low Vendor jar package name icu Highest Vendor jar package name icu Low Vendor Manifest automatic-module-name com.ibm.icu Medium Vendor Manifest bundle-copyright © 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor Manifest bundle-symbolicname com.ibm.icu Medium Vendor Manifest Implementation-Vendor Unicode, Inc. High Vendor Manifest Implementation-Vendor-Id org.unicode Medium Product file name icu4j High Product gradle artifactid icu4j Highest Product hint analyzer product international_components_for_unicode Highest Product jar package name ibm Highest Product jar package name icu Highest Product jar package name icu Low Product Manifest automatic-module-name com.ibm.icu Medium Product Manifest bundle-copyright © 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html Low Product Manifest Bundle-Name ICU4J Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product Manifest bundle-symbolicname com.ibm.icu Medium Product Manifest Implementation-Title International Components for Unicode for Java High Product Manifest specification-title International Components for Unicode for Java Medium Version file version 72.1 High Version Manifest Implementation-Version 72.1 High
istack-commons-runtime-4.1.2.jarDescription:
istack common utility code License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.sun.istack/istack-commons-runtime/4.1.2/18ec117c85f3ba0ac65409136afa8e42bc74e739/istack-commons-runtime-4.1.2.jar
MD5: 535154ef647af2a52478c4debec93659
SHA1: 18ec117c85f3ba0ac65409136afa8e42bc74e739
SHA256: 7fd6792361f4dd00f8c56af4a20cecc0066deea4a8f3dec38348af23fc2296ee
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath istack-commons-runtime-4.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name istack-commons-runtime High Vendor gradle artifactid istack-commons-runtime Highest Vendor gradle groupid com.sun.istack Highest Vendor jar package name istack Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Vendor Manifest implementation-build-id 4.1.2 - 343a28e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id com.sun.istack Medium Vendor pom artifactid istack-commons-runtime Low Vendor pom groupid com.sun.istack Highest Vendor pom name istack common utility code runtime High Vendor pom parent-artifactid istack-commons Low Product file name istack-commons-runtime High Product gradle artifactid istack-commons-runtime Highest Product jar package name istack Highest Product jar package name sun Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name istack common utility code runtime Medium Product Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Product Manifest implementation-build-id 4.1.2 - 343a28e Low Product pom artifactid istack-commons-runtime Highest Product pom groupid com.sun.istack Highest Product pom name istack common utility code runtime High Product pom parent-artifactid istack-commons Medium Version file version 4.1.2 High Version gradle version 4.1.2 Highest Version Manifest Bundle-Version 4.1.2 High Version Manifest implementation-build-id 4.1.2 Low Version pom version 4.1.2 Highest
j2objc-annotations-1.3.jarDescription:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.j2objc/j2objc-annotations/1.3/ba035118bc8bac37d7eff77700720999acd9986d/j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256: 21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 j2objc-annotations-1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor gradle artifactid j2objc-annotations Highest Vendor gradle groupid com.google.j2objc Highest Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name j2objc Highest Vendor jar package name j2objc Low Vendor pom artifactid j2objc-annotations Low Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product gradle artifactid j2objc-annotations Highest Product jar package name annotations Highest Product jar package name annotations Low Product jar package name google Highest Product jar package name j2objc Highest Product jar package name j2objc Low Product pom artifactid j2objc-annotations Highest Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 1.3 High Version gradle version 1.3 Highest Version pom version 1.3 Highest
j2objc-annotations-2.8.jar jackson-annotations-2.15.4.jar jackson-core-2.15.4.jar jackson-databind-2.15.4.jar jackson-dataformat-xml-2.15.4.jarDescription:
Data format extension for Jackson to offer
alternative support for serializing POJOs as XML and deserializing XML as pojos.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/2.15.4/d302ab26ceaf51ac7b5c8097a94e13da09c5983f/jackson-dataformat-xml-2.15.4.jar
MD5: 634b13c9577a22ca187de9ff683d4406
SHA1: d302ab26ceaf51ac7b5c8097a94e13da09c5983f
SHA256: 90d8109cda7b90c494a7bfde44e96e2fa25021191b67a5924dfa5cbd698025c3
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jackson-dataformat-xml-2.15.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jackson-dataformat-xml High Vendor gradle artifactid jackson-dataformat-xml Highest Vendor gradle groupid com.fasterxml.jackson.dataformat Highest Vendor jar package name dataformat Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformat-xml Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-xml Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.dataformat Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-dataformat-xml Low Vendor pom groupid com.fasterxml.jackson.dataformat Highest Vendor pom name Jackson-dataformat-XML High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-dataformat-xml Highest Product file name jackson-dataformat-xml High Product gradle artifactid jackson-dataformat-xml Highest Product jar package name dataformat Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name xml Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformat-xml Low Product Manifest Bundle-Name Jackson-dataformat-XML Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-xml Medium Product Manifest Implementation-Title Jackson-dataformat-XML High Product Manifest multi-release true Low Product Manifest specification-title Jackson-dataformat-XML Medium Product pom artifactid jackson-dataformat-xml Highest Product pom groupid com.fasterxml.jackson.dataformat Highest Product pom name Jackson-dataformat-XML High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-dataformat-xml High Version file version 2.15.4 High Version gradle version 2.15.4 Highest Version Manifest Bundle-Version 2.15.4 High Version Manifest Implementation-Version 2.15.4 High Version pom version 2.15.4 Highest
jackson-dataformat-yaml-2.15.4.jar jackson-datatype-guava-2.15.4.jarDescription:
Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles
Guava (https://github.com/google/guava) types (currently mostly just collection ones)
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.datatype/jackson-datatype-guava/2.15.4/b55579ab2b5d9f429566d97cc897d857f85e1ab2/jackson-datatype-guava-2.15.4.jar
MD5: a05abf4f6cb42f4a61e4763b2fc61607
SHA1: b55579ab2b5d9f429566d97cc897d857f85e1ab2
SHA256: 2c4769a7d561f1050c880dec1e01b09ae7af8da7349797f3a0140be97592649b
Referenced In Projects/Scopes: opencdx-health:spotless-511629411 opencdx-iam:spotless-511629411 opencdx-admin:spotless-511629411 opencdx-audit:spotless-511629411 opencdx-communications:spotless-511629411 OpenCDX:spotless-511629411 opencdx-gateway:spotless-511629411 opencdx-tinkar:spotless-511629411 opencdx-commons:spotless-511629411 opencdx-logistics:spotless-511629411 opencdx-client:spotless-511629411 opencdx-questionnaire:spotless-511629411 opencdx-config:spotless-511629411 opencdx-discovery:spotless-511629411 opencdx-media:spotless-511629411 opencdx-classification-analyzer:spotless-511629411 opencdx-proto:spotless-511629411 opencdx-helloworld:spotless-511629411 opencdx-classification:spotless-511629411 jackson-datatype-guava-2.15.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 Evidence Type Source Name Value Confidence Vendor file name jackson-datatype-guava High Vendor gradle artifactid jackson-datatype-guava Highest Vendor gradle groupid com.fasterxml.jackson.datatype Highest Vendor jar package name datatype Highest Vendor jar package name fasterxml Highest Vendor jar package name guava Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-datatypes-collections Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-guava Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.datatype Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-datatype-guava Low Vendor pom groupid com.fasterxml.jackson.datatype Highest Vendor pom name Jackson datatype: Guava High Vendor pom parent-artifactid jackson-datatypes-collections Low Vendor pom url FasterXML/jackson-datatypes-collections Highest Product file name jackson-datatype-guava High Product gradle artifactid jackson-datatype-guava Highest Product jar package name datatype Highest Product jar package name fasterxml Highest Product jar package name guava Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-datatypes-collections Low Product Manifest Bundle-Name Jackson datatype: Guava Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-guava Medium Product Manifest Implementation-Title Jackson datatype: Guava High Product Manifest multi-release true Low Product Manifest specification-title Jackson datatype: Guava Medium Product pom artifactid jackson-datatype-guava Highest Product pom groupid com.fasterxml.jackson.datatype Highest Product pom name Jackson datatype: Guava High Product pom parent-artifactid jackson-datatypes-collections Medium Product pom url FasterXML/jackson-datatypes-collections High Version file version 2.15.4 High Version gradle version 2.15.4 Highest Version Manifest Bundle-Version 2.15.4 High Version Manifest Implementation-Version 2.15.4 High Version pom version 2.15.4 Highest
jackson-datatype-jdk8-2.15.4.jar jackson-datatype-jsr310-2.15.4.jar jackson-datatype-jsr310-2.16.1.jarDescription:
Add-on module to support JSR-310 (Java 8 Date & Time API) data types. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.16.1/36a418325c618e440e5ccb80b75c705d894f50bd/jackson-datatype-jsr310-2.16.1.jar
MD5: 31164dfc9861d7bbcdf19413e6d9ce84
SHA1: 36a418325c618e440e5ccb80b75c705d894f50bd
SHA256: 6281970682a8da3ddbac54bb203c9badf1c26f507f3ecaa48ef10318579bc9ad
Referenced In Projects/Scopes: opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath jackson-datatype-jsr310-2.16.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.16.1 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/com.hubspot.jackson/jackson-datatype-protobuf@0.9.15 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 Evidence Type Source Name Value Confidence Vendor file name jackson-datatype-jsr310 High Vendor gradle artifactid jackson-datatype-jsr310 Highest Vendor gradle groupid com.fasterxml.jackson.datatype Highest Vendor jar package name datatype Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name jsr310 Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310 Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-jsr310 Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.datatype Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-datatype-jsr310 Low Vendor pom developer email nicholas@nicholaswilliams.net Low Vendor pom developer id beamerblvd Medium Vendor pom developer name Nick Williams Medium Vendor pom groupid com.fasterxml.jackson.datatype Highest Vendor pom name Jackson datatype: JSR310 High Vendor pom parent-artifactid jackson-modules-java8 Low Vendor pom parent-groupid com.fasterxml.jackson.module Medium Product file name jackson-datatype-jsr310 High Product gradle artifactid jackson-datatype-jsr310 Highest Product jar package name datatype Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name jsr310 Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310 Low Product Manifest Bundle-Name Jackson datatype: JSR310 Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.datatype.jackson-datatype-jsr310 Medium Product Manifest Implementation-Title Jackson datatype: JSR310 High Product Manifest multi-release true Low Product Manifest specification-title Jackson datatype: JSR310 Medium Product pom artifactid jackson-datatype-jsr310 Highest Product pom developer email nicholas@nicholaswilliams.net Low Product pom developer id beamerblvd Low Product pom developer name Nick Williams Low Product pom groupid com.fasterxml.jackson.datatype Highest Product pom name Jackson datatype: JSR310 High Product pom parent-artifactid jackson-modules-java8 Medium Product pom parent-groupid com.fasterxml.jackson.module Medium Version file version 2.16.1 High Version gradle version 2.16.1 Highest Version Manifest Bundle-Version 2.16.1 High Version Manifest Implementation-Version 2.16.1 High Version pom version 2.16.1 Highest
jackson-datatype-protobuf-0.9.15.jarDescription:
Jackson Module that adds support for reading/writing protobufs File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.hubspot.jackson/jackson-datatype-protobuf/0.9.15/7037148127c70700d287c877512c80e97aa7fbb5/jackson-datatype-protobuf-0.9.15.jarMD5: acfb0b883f59c978e2a8f60b61cb7f53SHA1: 7037148127c70700d287c877512c80e97aa7fbb5SHA256: e0362408dea93e8a11d30e5536aed2edb92494e49451b6816fdd4dbe88b34d16Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath jackson-datatype-protobuf-0.9.15.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name jackson-datatype-protobuf High Vendor gradle artifactid jackson-datatype-protobuf Highest Vendor gradle groupid com.hubspot.jackson Highest Vendor jar package name datatype Highest Vendor jar package name hubspot Highest Vendor jar package name jackson Highest Vendor jar package name protobuf Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest x-basepom-build-id 8d3b01cb-fab7-4315-8b31-b77cac7ac86e Low Vendor Manifest x-basepom-git-commit-id 686abc9c7de22cb364eebf72e2c0decee9e4dea2 Low Vendor Manifest x-basepom-name jackson-datatype-protobuf Medium Vendor pom artifactid jackson-datatype-protobuf Low Vendor pom developer email jhaber@hubspot.com Low Vendor pom developer name Jonathan Haber Medium Vendor pom groupid com.hubspot.jackson Highest Vendor pom parent-artifactid basepom Low Vendor pom parent-groupid com.hubspot Medium Product file name jackson-datatype-protobuf High Product gradle artifactid jackson-datatype-protobuf Highest Product jar package name datatype Highest Product jar package name hubspot Highest Product jar package name jackson Highest Product jar package name protobuf Highest Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title jackson-datatype-protobuf High Product Manifest specification-title jackson-datatype-protobuf Medium Product Manifest x-basepom-build-id 8d3b01cb-fab7-4315-8b31-b77cac7ac86e Low Product Manifest x-basepom-git-commit-id 686abc9c7de22cb364eebf72e2c0decee9e4dea2 Low Product Manifest x-basepom-name jackson-datatype-protobuf Medium Product pom artifactid jackson-datatype-protobuf Highest Product pom developer email jhaber@hubspot.com Low Product pom developer name Jonathan Haber Low Product pom groupid com.hubspot.jackson Highest Product pom parent-artifactid basepom Medium Product pom parent-groupid com.hubspot Medium Version file version 0.9.15 High Version gradle version 0.9.15 Highest Version Manifest Implementation-Version 0.9.15 High Version pom parent-version 0.9.15 Low Version pom version 0.9.15 Highest
jackson-module-parameter-names-2.15.4.jar jakarta.activation-api-2.1.3.jar jakarta.annotation-api-1.3.5.jarDescription:
Jakarta Annotations API License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/jakarta.annotation/jakarta.annotation-api/1.3.5/59eb84ee0d616332ff44aba065f3888cf002cd2d/jakarta.annotation-api-1.3.5.jar
MD5: 8b165cf58df5f8c2a222f637c0a07c97
SHA1: 59eb84ee0d616332ff44aba065f3888cf002cd2d
SHA256: 85fb03fc054cdf4efca8efd9b6712bbb418e1ab98241c4539c8585bbc23e1b8a
Referenced In Projects/Scopes: opencdx-proto:compileProtoPath opencdx-proto:compileClasspath jakarta.annotation-api-1.3.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name jakarta.annotation-api High Vendor gradle artifactid jakarta.annotation-api Highest Vendor gradle groupid jakarta.annotation Highest Vendor jar package name annotation Highest Vendor Manifest automatic-module-name java.annotation Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.annotation-api Medium Vendor Manifest extension-name jakarta.annotation Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.annotation-api Low Vendor pom developer name Linda De Michiel Medium Vendor pom developer org Oracle Corp. Medium Vendor pom groupid jakarta.annotation Highest Vendor pom name Jakarta Annotations API High Vendor pom parent-artifactid ca-parent Low Vendor pom url https://projects.eclipse.org/projects/ee4j.ca Highest Product file name jakarta.annotation-api High Product gradle artifactid jakarta.annotation-api Highest Product jar package name annotation Highest Product Manifest automatic-module-name java.annotation Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Annotations API Medium Product Manifest bundle-symbolicname jakarta.annotation-api Medium Product Manifest extension-name jakarta.annotation Medium Product pom artifactid jakarta.annotation-api Highest Product pom developer name Linda De Michiel Low Product pom developer org Oracle Corp. Low Product pom groupid jakarta.annotation Highest Product pom name Jakarta Annotations API High Product pom parent-artifactid ca-parent Medium Product pom url https://projects.eclipse.org/projects/ee4j.ca Medium Version file version 1.3.5 High Version gradle version 1.3.5 Highest Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version pom version 1.3.5 Highest
jakarta.annotation-api-2.1.1.jar jakarta.inject-api-2.0.1.jarDescription:
Jakarta Dependency Injection License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/jakarta.inject/jakarta.inject-api/2.0.1/4c28afe1991a941d7702fe1362c365f0a8641d1e/jakarta.inject-api-2.0.1.jar
MD5: 72003bf6efcc8455d414bbd7da86c11c
SHA1: 4c28afe1991a941d7702fe1362c365f0a8641d1e
SHA256: f7dc98062fccf14126abb751b64fab12c312566e8cbdc8483598bffcea93af7c
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath jakarta.inject-api-2.0.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jakarta.inject-api High Vendor gradle artifactid jakarta.inject-api Highest Vendor gradle groupid jakarta.inject Highest Vendor jar package name inject Highest Vendor jar package name jakarta Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.inject.jakarta.inject-api Medium Vendor pom artifactid jakarta.inject-api Low Vendor pom developer email asd[at]redhat[dot]com Low Vendor pom developer email manovotn[at]redhat[dot]com Low Vendor pom developer email mkouba[at]redhat[dot]com Low Vendor pom developer email tremes[at]redhat[dot]com Low Vendor pom developer id asabotdu Medium Vendor pom developer id manovotn Medium Vendor pom developer id mkouba Medium Vendor pom developer id tremes Medium Vendor pom developer name Antoine Sabot-Durand Medium Vendor pom developer name Martin Kouba Medium Vendor pom developer name Matej Novotny Medium Vendor pom developer name Tomas Remes Medium Vendor pom developer org Red Hat Inc. Medium Vendor pom groupid jakarta.inject Highest Vendor pom name Jakarta Dependency Injection High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url eclipse-ee4j/injection-api Highest Product file name jakarta.inject-api High Product gradle artifactid jakarta.inject-api Highest Product jar package name inject Highest Product jar package name jakarta Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Dependency Injection Medium Product Manifest bundle-symbolicname jakarta.inject.jakarta.inject-api Medium Product pom artifactid jakarta.inject-api Highest Product pom developer email asd[at]redhat[dot]com Low Product pom developer email manovotn[at]redhat[dot]com Low Product pom developer email mkouba[at]redhat[dot]com Low Product pom developer email tremes[at]redhat[dot]com Low Product pom developer id asabotdu Low Product pom developer id manovotn Low Product pom developer id mkouba Low Product pom developer id tremes Low Product pom developer name Antoine Sabot-Durand Low Product pom developer name Martin Kouba Low Product pom developer name Matej Novotny Low Product pom developer name Tomas Remes Low Product pom developer org Red Hat Inc. Low Product pom groupid jakarta.inject Highest Product pom name Jakarta Dependency Injection High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url eclipse-ee4j/injection-api High Version file version 2.0.1 High Version gradle version 2.0.1 Highest Version Manifest Bundle-Version 2.0.1 High Version pom parent-version 2.0.1 Low Version pom version 2.0.1 Highest
jakarta.validation-api-3.0.2.jar jakarta.ws.rs-api-3.1.0.jarDescription:
Jakarta RESTful Web Services License:
EPL-2.0: http://www.eclipse.org/legal/epl-2.0
GPL-2.0-with-classpath-exception: https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/jakarta.ws.rs/jakarta.ws.rs-api/3.1.0/15ce10d249a38865b58fc39521f10f29ab0e3363/jakarta.ws.rs-api-3.1.0.jar
MD5: 6ce4c6749e048456b2c452c1091689ca
SHA1: 15ce10d249a38865b58fc39521f10f29ab0e3363
SHA256: 6b3b3628b8b4aedda0d24c3354335e985497d8ef3c510b8f3028e920d5b8663d
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath jakarta.ws.rs-api-3.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jakarta.ws.rs-api High Vendor gradle artifactid jakarta.ws.rs-api Highest Vendor gradle groupid jakarta.ws.rs Highest Vendor hint analyzer vendor web services Medium Vendor jar package name jakarta Highest Vendor jar package name rs Highest Vendor jar package name ws Highest Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname jakarta.ws.rs-api Medium Vendor Manifest extension-name jakarta.ws.rs Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.ws.rs-api Low Vendor pom developer email jaxrs-dev@eclipse.org Low Vendor pom developer id developers Medium Vendor pom developer name JAX-RS API Developers Medium Vendor pom groupid jakarta.ws.rs Highest Vendor pom name Jakarta RESTful WS API High Vendor pom organization name Eclipse Foundation High Vendor pom organization url https://www.eclipse.org/org/foundation/ Medium Vendor pom parent-artifactid all Low Vendor pom url eclipse-ee4j/jaxrs-api Highest Product file name jakarta.ws.rs-api High Product gradle artifactid jakarta.ws.rs-api Highest Product hint analyzer product web services Medium Product jar package name jakarta Highest Product jar package name rs Highest Product jar package name ws Highest Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name Jakarta RESTful WS API Medium Product Manifest bundle-symbolicname jakarta.ws.rs-api Medium Product Manifest extension-name jakarta.ws.rs Medium Product pom artifactid jakarta.ws.rs-api Highest Product pom developer email jaxrs-dev@eclipse.org Low Product pom developer id developers Low Product pom developer name JAX-RS API Developers Low Product pom groupid jakarta.ws.rs Highest Product pom name Jakarta RESTful WS API High Product pom organization name Eclipse Foundation Low Product pom organization url https://www.eclipse.org/org/foundation/ Low Product pom parent-artifactid all Medium Product pom url eclipse-ee4j/jaxrs-api High Version file version 3.1.0 High Version gradle version 3.1.0 Highest Version Manifest Bundle-Version 3.1.0 High Version Manifest Implementation-Version 3.1.0 High Version pom version 3.1.0 Highest
jakarta.xml.bind-api-4.0.2.jar java-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/java/2.16/980487883452eb48e866a6c09f4f297c50b2ddf8/java-2.16.jarMD5: 01756a3b89b993d994cf51174564223fSHA1: 980487883452eb48e866a6c09f4f297c50b2ddf8SHA256: 17f1f44a6aa15002791ea05833049135f36e575044437dc20f5509576fcdae6aReferenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 java-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name java High Vendor gradle artifactid java Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid java Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name java High Product gradle artifactid java Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title java High Product pom artifactid java Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
java-diff-utils-4.12.jarDescription:
The DiffUtils library for computing diffs, applying patches, generationg side-by-side view in Java. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.java-diff-utils/java-diff-utils/4.12/1a712a91324d566eef39817fc5c9980eb10c21db/java-diff-utils-4.12.jar
MD5: 2bab3395dcfe2ea5b092ad646ca899d3
SHA1: 1a712a91324d566eef39817fc5c9980eb10c21db
SHA256: 9990a2039778f6b4cc94790141c2868864eacee0620c6c459451121a901cd5b5
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 java-diff-utils-4.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name java-diff-utils High Vendor gradle artifactid java-diff-utils Highest Vendor gradle groupid io.github.java-diff-utils Highest Vendor jar package name github Highest Vendor Manifest automatic-module-name io.github.javadiffutils Medium Vendor Manifest bundle-symbolicname io.github.java-diff-utils Medium Vendor pom artifactid java-diff-utils Low Vendor pom groupid io.github.java-diff-utils Highest Vendor pom name java-diff-utils High Vendor pom parent-artifactid java-diff-utils-parent Low Product file name java-diff-utils High Product gradle artifactid java-diff-utils Highest Product jar package name diffutils Highest Product jar package name github Highest Product Manifest automatic-module-name io.github.javadiffutils Medium Product Manifest Bundle-Name java-diff-utils Medium Product Manifest bundle-symbolicname io.github.java-diff-utils Medium Product pom artifactid java-diff-utils Highest Product pom groupid io.github.java-diff-utils Highest Product pom name java-diff-utils High Product pom parent-artifactid java-diff-utils-parent Medium Version file version 4.12 High Version gradle version 4.12 Highest Version pom version 4.12 Highest
java10-shim-20240325.1.jarDescription:
Provides an implementation of java8-shim that interoperates with
Java >= 10 idioms for immutable collections.
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.googlecode.owasp-java-html-sanitizer/java10-shim/20240325.1/c8d3f54399f1c02b7d955aacb9dbf17140af5650/java10-shim-20240325.1.jarMD5: 25e5bc58d9259f08a4d083f900cffdabSHA1: c8d3f54399f1c02b7d955aacb9dbf17140af5650SHA256: e4637fb9d825c23677d4526ab1ff58117702e54c30d260a047cea10a93be1a92Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath java10-shim-20240325.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name java10-shim High Vendor gradle artifactid java10-shim Highest Vendor gradle groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor jar package name owasp Highest Vendor jar package name shim Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid java10-shim Low Vendor pom groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor pom name Java 10 Shim High Vendor pom parent-artifactid parent Low Product file name java10-shim High Product gradle artifactid java10-shim Highest Product jar package name owasp Highest Product jar package name shim Highest Product Manifest build-jdk-spec 11 Low Product pom artifactid java10-shim Highest Product pom groupid com.googlecode.owasp-java-html-sanitizer Highest Product pom name Java 10 Shim High Product pom parent-artifactid parent Medium Version file version 20240325.1 High Version gradle version 20240325.1 Highest Version pom version 20240325.1 Highest
java8-shim-20240325.1.jarDescription:
Backports @since Java 9 collection factories like List.of onto
Java8 in a way that uses the real ones where available, falls back
to a conforming implementation on Java8 and JIT compiles well.
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.googlecode.owasp-java-html-sanitizer/java8-shim/20240325.1/8da7249140d2d46b69e56064780eea301ce760c3/java8-shim-20240325.1.jarMD5: c4be5b0d2f6574014dc68d127be0d438SHA1: 8da7249140d2d46b69e56064780eea301ce760c3SHA256: 11f5a6c345d5c48a9d47703b6552fce150c2af266a9915eb20c20ac6d87507faReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath java8-shim-20240325.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20240325.1 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name java8-shim High Vendor gradle artifactid java8-shim Highest Vendor gradle groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor jar package name owasp Highest Vendor jar package name shim Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid java8-shim Low Vendor pom groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor pom name Java 8 Shim High Vendor pom parent-artifactid parent Low Product file name java8-shim High Product gradle artifactid java8-shim Highest Product jar package name owasp Highest Product jar package name shim Highest Product Manifest build-jdk-spec 11 Low Product pom artifactid java8-shim Highest Product pom groupid com.googlecode.owasp-java-html-sanitizer Highest Product pom name Java 8 Shim High Product pom parent-artifactid parent Medium Version file version 20240325.1 High Version gradle version 20240325.1 Highest Version pom version 20240325.1 Highest
javaparser-core-3.25.3.jarDescription:
The core parser functionality. This may be all you need. License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-3.0.html
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.javaparser/javaparser-core/3.25.3/55a960eea36e9ae20e48c500c3dd356b33331f1f/javaparser-core-3.25.3.jar
MD5: e396065348d52b3ec6ecf674ed274009
SHA1: 55a960eea36e9ae20e48c500c3dd356b33331f1f
SHA256: 7324bc18820dad7e9056f2035af3b5405d6e24a8a469a985d9aac44f15522c27
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 javaparser-core-3.25.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name javaparser-core High Vendor gradle artifactid javaparser-core Highest Vendor gradle groupid com.github.javaparser Highest Vendor jar package name github Highest Vendor jar package name javaparser Highest Vendor Manifest automatic-module-name com.github.javaparser.core Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell",MysterAitch;name="Roger Howell",jlerbsc;name="Jean Pierre Lerbscher",maartenc;name="Maarten Coene" Low Vendor Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Vendor Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Vendor pom artifactid javaparser-core Low Vendor pom groupid com.github.javaparser Highest Vendor pom parent-artifactid javaparser-parent Low Product file name javaparser-core High Product gradle artifactid javaparser-core Highest Product jar package name github Highest Product jar package name javaparser Highest Product Manifest automatic-module-name com.github.javaparser.core Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell",MysterAitch;name="Roger Howell",jlerbsc;name="Jean Pierre Lerbscher",maartenc;name="Maarten Coene" Low Product Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Product Manifest Bundle-Name javaparser-core Medium Product Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Product pom artifactid javaparser-core Highest Product pom groupid com.github.javaparser Highest Product pom parent-artifactid javaparser-parent Medium Version file version 3.25.3 High Version gradle version 3.25.3 Highest Version Manifest Bundle-Version 3.25.3 High Version pom version 3.25.3 Highest
javaparser-symbol-solver-core-3.25.3.jarDescription:
A Symbol Solver for Java, built on top of JavaParser (core) License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-3.0.html
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.javaparser/javaparser-symbol-solver-core/3.25.3/38c6143b14bdfd2e1e20b3a47cded11262bd014a/javaparser-symbol-solver-core-3.25.3.jar
MD5: 9176e6106fb24a4cb80053f882ba7c1e
SHA1: 38c6143b14bdfd2e1e20b3a47cded11262bd014a
SHA256: fc81af81c741ef3b97faebde79dd7ebb0697dafc1243ff4254111cc459d7dde9
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 javaparser-symbol-solver-core-3.25.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name javaparser-symbol-solver-core High Vendor gradle artifactid javaparser-symbol-solver-core Highest Vendor gradle groupid com.github.javaparser Highest Vendor jar package name core Highest Vendor jar package name github Highest Vendor jar package name javaparser Highest Vendor jar package name symbolsolver Highest Vendor Manifest automatic-module-name com.github.javaparser.symbolsolver.core Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid javaparser-symbol-solver-core Low Vendor pom groupid com.github.javaparser Highest Vendor pom parent-artifactid javaparser-parent Low Product file name javaparser-symbol-solver-core High Product gradle artifactid javaparser-symbol-solver-core Highest Product jar package name core Highest Product jar package name github Highest Product jar package name javaparser Highest Product jar package name symbolsolver Highest Product Manifest automatic-module-name com.github.javaparser.symbolsolver.core Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid javaparser-symbol-solver-core Highest Product pom groupid com.github.javaparser Highest Product pom parent-artifactid javaparser-parent Medium Version file version 3.25.3 High Version gradle version 3.25.3 Highest Version pom version 3.25.3 Highest
javassist-3.18.2-GA.jarDescription:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.javassist/javassist/3.18.2-GA/1180a90fbad732b60fb728a6bbe8fcb3151423d7/javassist-3.18.2-GA.jar
MD5: 9c1d3fc0b4cb4fc553d9b4ec0edf5b90
SHA1: 1180a90fbad732b60fb728a6bbe8fcb3151423d7
SHA256: 3b6205716b7c0dc471def89fa367b1e97f085d6faac6acac6ac14e0cd67324b3
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath javassist-3.18.2-GA.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name javassist High Vendor gradle artifactid javassist Highest Vendor gradle groupid org.javassist Highest Vendor jar package name bytecode Highest Vendor jar package name javassist Highest Vendor Manifest bundle-symbolicname javassist Medium Vendor Manifest specification-vendor Shigeru Chiba, www.javassist.org Low Vendor pom artifactid javassist Low Vendor pom developer email adinn@redhat.com Low Vendor pom developer email chiba@javassist.org Low Vendor pom developer email kabir.khan@jboss.com Low Vendor pom developer email smarlow@redhat.com Low Vendor pom developer id adinn Medium Vendor pom developer id chiba Medium Vendor pom developer id kabir.khan@jboss.com Medium Vendor pom developer id smarlow Medium Vendor pom developer name Andrew Dinn Medium Vendor pom developer name Kabir Khan Medium Vendor pom developer name Scott Marlow Medium Vendor pom developer name Shigeru Chiba Medium Vendor pom developer org JBoss Medium Vendor pom developer org The Javassist Project Medium Vendor pom developer org URL http://www.javassist.org/ Medium Vendor pom developer org URL http://www.jboss.org/ Medium Vendor pom groupid org.javassist Highest Vendor pom name Javassist High Vendor pom url http://www.javassist.org/ Highest Product file name javassist High Product gradle artifactid javassist Highest Product jar package name bytecode Highest Product jar package name javassist Highest Product Manifest Bundle-Name Javassist Medium Product Manifest bundle-symbolicname javassist Medium Product Manifest specification-title Javassist Medium Product pom artifactid javassist Highest Product pom developer email adinn@redhat.com Low Product pom developer email chiba@javassist.org Low Product pom developer email kabir.khan@jboss.com Low Product pom developer email smarlow@redhat.com Low Product pom developer id adinn Low Product pom developer id chiba Low Product pom developer id kabir.khan@jboss.com Low Product pom developer id smarlow Low Product pom developer name Andrew Dinn Low Product pom developer name Kabir Khan Low Product pom developer name Scott Marlow Low Product pom developer name Shigeru Chiba Low Product pom developer org JBoss Low Product pom developer org The Javassist Project Low Product pom developer org URL http://www.javassist.org/ Low Product pom developer org URL http://www.jboss.org/ Low Product pom groupid org.javassist Highest Product pom name Javassist High Product pom url http://www.javassist.org/ Medium Version gradle version 3.18.2-GA Highest Version pom version 3.18.2-GA Highest
javassist-3.29.2-GA.jarDescription:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.javassist/javassist/3.29.2-GA/6c32028609e5dd4a1b78e10fbcd122b09b3928b1/javassist-3.29.2-GA.jar
MD5: 9783c90ffa4d36eddda9526fde06f3ea
SHA1: 6c32028609e5dd4a1b78e10fbcd122b09b3928b1
SHA256: a90ddb25135df9e57ea9bd4e224e219554929758f9bae9965f29f81d60a3293f
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-discovery:compileClasspath opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-discovery:productionRuntimeClasspath opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-discovery:runtimeClasspath opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 javassist-3.29.2-GA.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name javassist High Vendor gradle artifactid javassist Highest Vendor gradle groupid org.javassist Highest Vendor jar package name bytecode Highest Vendor jar package name javassist Highest Vendor Manifest automatic-module-name org.javassist Medium Vendor Manifest bundle-symbolicname javassist Medium Vendor Manifest specification-vendor Shigeru Chiba, www.javassist.org Low Vendor pom artifactid javassist Low Vendor pom developer email adinn@redhat.com Low Vendor pom developer email chiba@javassist.org Low Vendor pom developer email kabir.khan@jboss.com Low Vendor pom developer email smarlow@redhat.com Low Vendor pom developer id adinn Medium Vendor pom developer id chiba Medium Vendor pom developer id kabir.khan@jboss.com Medium Vendor pom developer id scottmarlow Medium Vendor pom developer name Andrew Dinn Medium Vendor pom developer name Kabir Khan Medium Vendor pom developer name Scott Marlow Medium Vendor pom developer name Shigeru Chiba Medium Vendor pom developer org JBoss Medium Vendor pom developer org The Javassist Project Medium Vendor pom developer org URL http://www.javassist.org/ Medium Vendor pom developer org URL http://www.jboss.org/ Medium Vendor pom groupid org.javassist Highest Vendor pom name Javassist High Vendor pom organization name Shigeru Chiba, www.javassist.org High Vendor pom url http://www.javassist.org/ Highest Product file name javassist High Product gradle artifactid javassist Highest Product jar package name bytecode Highest Product jar package name javassist Highest Product Manifest automatic-module-name org.javassist Medium Product Manifest Bundle-Name Javassist Medium Product Manifest bundle-symbolicname javassist Medium Product Manifest specification-title Javassist Medium Product pom artifactid javassist Highest Product pom developer email adinn@redhat.com Low Product pom developer email chiba@javassist.org Low Product pom developer email kabir.khan@jboss.com Low Product pom developer email smarlow@redhat.com Low Product pom developer id adinn Low Product pom developer id chiba Low Product pom developer id kabir.khan@jboss.com Low Product pom developer id scottmarlow Low Product pom developer name Andrew Dinn Low Product pom developer name Kabir Khan Low Product pom developer name Scott Marlow Low Product pom developer name Shigeru Chiba Low Product pom developer org JBoss Low Product pom developer org The Javassist Project Low Product pom developer org URL http://www.javassist.org/ Low Product pom developer org URL http://www.jboss.org/ Low Product pom groupid org.javassist Highest Product pom name Javassist High Product pom organization name Shigeru Chiba, www.javassist.org Low Product pom url http://www.javassist.org/ Medium Version gradle version 3.29.2-GA Highest Version Manifest specification-version 3.29.2-GA High Version pom version 3.29.2-GA Highest
javax.inject-1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/javax.inject/javax.inject/1/6975da39a7040257bd51d21a231b76c915872d38/javax.inject-1.jarMD5: 289075e48b909e9e74e6c915b3631d2eSHA1: 6975da39a7040257bd51d21a231b76c915872d38SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ffReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath javax.inject-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name javax.inject-1 High Vendor gradle artifactid javax.inject Highest Vendor gradle groupid javax.inject Highest Vendor jar package name inject Low Vendor jar package name javax Low Product file name javax.inject-1 High Product gradle artifactid javax.inject Highest Product jar package name inject Low Version file name javax.inject-1 Medium Version file version 1 Medium Version gradle version 1 Highest
jaxb-core-4.0.5.jarDescription:
JAXB Core module. Contains sources required by XJC, JXC and Runtime modules. License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jaxb/jaxb-core/4.0.5/7b4b11ea5542eea4ad55e1080b23be436795b3/jaxb-core-4.0.5.jar
MD5: ab09aef6bebd4438b0a02707881801e4
SHA1: 007b4b11ea5542eea4ad55e1080b23be436795b3
SHA256: ad3fd9bf00de3eda9859f70b6cfb011e2fe9904804e16a2665092888ece0fdca
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jaxb-core-4.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jaxb-core High Vendor gradle artifactid jaxb-core Highest Vendor gradle groupid org.glassfish.jaxb Highest Vendor jar package name core Highest Vendor jar package name glassfish Highest Vendor jar package name jaxb Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.core Medium Vendor Manifest git-revision cb19596 Low Vendor Manifest implementation-build-id 4.0.5 - cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish.jaxb Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jaxb-core Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB Core High Vendor pom parent-artifactid jaxb-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name jaxb-core High Product gradle artifactid jaxb-core Highest Product jar package name core Highest Product jar package name glassfish Highest Product jar package name jaxb Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name JAXB Core Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.core Medium Product Manifest git-revision cb19596 Low Product Manifest implementation-build-id 4.0.5 - cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-core Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB Core High Product pom parent-artifactid jaxb-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version gradle version 4.0.5 Highest Version Manifest build-version 4.0.5 Medium Version Manifest Bundle-Version 4.0.5 High Version Manifest implementation-build-id 4.0.5 Low Version pom version 4.0.5 Highest
jaxb-runtime-4.0.5.jarDescription:
JAXB (JSR 222) Reference Implementation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jaxb/jaxb-runtime/4.0.5/ca84c2a7169b5293e232b9d00d1e4e36d4c3914a/jaxb-runtime-4.0.5.jar
MD5: c7384f1f95b8a8e15291485ff9dbe4f3
SHA1: ca84c2a7169b5293e232b9d00d1e4e36d4c3914a
SHA256: 485d8940e76373a7f300815ea5504bf5b726c234425ad30971019d133124cca4
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jaxb-runtime-4.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jaxb-runtime High Vendor gradle artifactid jaxb-runtime Highest Vendor gradle groupid org.glassfish.jaxb Highest Vendor jar package name glassfish Highest Vendor jar package name jaxb Highest Vendor jar package name runtime Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.runtime Medium Vendor Manifest git-revision cb19596 Low Vendor Manifest implementation-build-id 4.0.5 - cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish.jaxb Medium Vendor Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.xml.bind.JAXBContextFactory" Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jaxb-runtime Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB Runtime High Vendor pom parent-artifactid jaxb-runtime-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name jaxb-runtime High Product gradle artifactid jaxb-runtime Highest Product jar package name glassfish Highest Product jar package name jaxb Highest Product jar package name runtime Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name JAXB Runtime Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.runtime Medium Product Manifest git-revision cb19596 Low Product Manifest implementation-build-id 4.0.5 - cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.xml.bind.JAXBContextFactory" Low Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-runtime Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB Runtime High Product pom parent-artifactid jaxb-runtime-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version gradle version 4.0.5 Highest Version Manifest build-version 4.0.5 Medium Version Manifest Bundle-Version 4.0.5 High Version Manifest implementation-build-id 4.0.5 Low Version pom version 4.0.5 Highest
jboss-logging-3.5.3.Final.jar jcl-over-slf4j-2.0.12.jarDescription:
JCL 1.2 implemented over SLF4J License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.slf4j/jcl-over-slf4j/2.0.12/4462ddec70c0126e580dd0a637cb105a3c7a99ab/jcl-over-slf4j-2.0.12.jar
MD5: c9101ee2f9fc767a92692246c7c5f025
SHA1: 4462ddec70c0126e580dd0a637cb105a3c7a99ab
SHA256: 3377f1bd98ef33e52bc29b4d6cca960715cffbf1a398a3824ae86486db04342f
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-classification:runtimeClasspath opencdx-config:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-config:productionRuntimeClasspath jcl-over-slf4j-2.0.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jcl-over-slf4j High Vendor gradle artifactid jcl-over-slf4j Highest Vendor gradle groupid org.slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor pom artifactid jcl-over-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JCL 1.2 implemented over SLF4J High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jcl-over-slf4j High Product gradle artifactid jcl-over-slf4j Highest Product jar package name 9 Highest Product jar package name apache Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name JCL 1.2 implemented over SLF4J Medium Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product Manifest Implementation-Title jcl-over-slf4j High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product pom artifactid jcl-over-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JCL 1.2 implemented over SLF4J High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.12 High Version gradle version 2.0.12 Highest Version Manifest Bundle-Version 2.0.12 High Version Manifest Implementation-Version 2.0.12 High Version pom version 2.0.12 Highest
jersey-apache-connector-3.1.5.jarDescription:
Jersey Client Transport via Apache License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, https://asm.ow2.io/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.connectors/jersey-apache-connector/3.1.5/ec06316a19338bcc8236d6d5ac38b273ffbbd5cd/jersey-apache-connector-3.1.5.jar
MD5: c24683b5c688363c5ed64e1bd253e918
SHA1: ec06316a19338bcc8236d6d5ac38b273ffbbd5cd
SHA256: b8b4755c95b354dba879667f2784be62c343538ead4f451b33ac2ea64e90028c
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-apache-connector-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-apache-connector High Vendor gradle artifactid jersey-apache-connector Highest Vendor gradle groupid org.glassfish.jersey.connectors Highest Vendor jar package name apache Highest Vendor jar package name connector Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.connectors.jersey-apache-connector Medium Vendor pom artifactid jersey-apache-connector Low Vendor pom groupid org.glassfish.jersey.connectors Highest Vendor pom name jersey-connectors-apache High Vendor pom parent-artifactid project Low Product file name jersey-apache-connector High Product gradle artifactid jersey-apache-connector Highest Product jar package name apache Highest Product jar package name connector Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-connectors-apache Medium Product Manifest bundle-symbolicname org.glassfish.jersey.connectors.jersey-apache-connector Medium Product pom artifactid jersey-apache-connector Highest Product pom groupid org.glassfish.jersey.connectors Highest Product pom name jersey-connectors-apache High Product pom parent-artifactid project Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-client-3.1.5.jarDescription:
Jersey core client implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, https://asm.ow2.io/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.core/jersey-client/3.1.5/15695e853b7583703aff98e543b95fa0ca4553/jersey-client-3.1.5.jar
MD5: fc31fcf3adee190f28c206428d67457d
SHA1: 0015695e853b7583703aff98e543b95fa0ca4553
SHA256: e26b824ceb81e0ca4b73c7810448fb5566ef0c17ac871add93a92c291e505243
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-client-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-client High Vendor gradle artifactid jersey-client Highest Vendor gradle groupid org.glassfish.jersey.core Highest Vendor jar package name client Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-client Medium Vendor pom artifactid jersey-client Low Vendor pom groupid org.glassfish.jersey.core Highest Vendor pom name jersey-core-client High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.glassfish.jersey Medium Product file name jersey-client High Product gradle artifactid jersey-client Highest Product jar package name client Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-core-client Medium Product Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-client Medium Product pom artifactid jersey-client Highest Product pom groupid org.glassfish.jersey.core Highest Product pom name jersey-core-client High Product pom parent-artifactid project Medium Product pom parent-groupid org.glassfish.jersey Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-common-3.1.5.jarDescription:
Jersey core common packages License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
The GNU General Public License (GPL), Version 2, With Classpath Exception: https://www.gnu.org/software/classpath/license.html
Apache License, 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
Public Domain: https://creativecommons.org/publicdomain/zero/1.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.core/jersey-common/3.1.5/7a9edf47631e6588cf24f777f3e7f183d285a9e1/jersey-common-3.1.5.jar
MD5: 8b385d3f8136626ac2c4f01289a49951
SHA1: 7a9edf47631e6588cf24f777f3e7f183d285a9e1
SHA256: c7258f374433df583e50bbe5583fd6d6694393a322915024f719d21a218dc012
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-common-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-common High Vendor gradle artifactid jersey-common Highest Vendor gradle groupid org.glassfish.jersey.core Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-common Medium Vendor pom artifactid jersey-common Low Vendor pom groupid org.glassfish.jersey.core Highest Vendor pom name jersey-core-common High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.glassfish.jersey Medium Product file name jersey-common High Product gradle artifactid jersey-common Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-core-common Medium Product Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-common Medium Product pom artifactid jersey-common Highest Product pom groupid org.glassfish.jersey.core Highest Product pom name jersey-core-common High Product pom parent-artifactid project Medium Product pom parent-groupid org.glassfish.jersey Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-container-servlet-3.1.5.jarDescription:
Jersey core Servlet 3.x implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, https://asm.ow2.io/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.containers/jersey-container-servlet/3.1.5/975d3721667afd7cad552f76820f5b9eab13970c/jersey-container-servlet-3.1.5.jar
MD5: 0059722b9ebaee8b40de7dbb91d47ba6
SHA1: 975d3721667afd7cad552f76820f5b9eab13970c
SHA256: 183117586002b222a10571a8dedc0c6889565c66e84261fc9e4b673d70afece4
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-container-servlet-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-container-servlet High Vendor gradle artifactid jersey-container-servlet Highest Vendor gradle groupid org.glassfish.jersey.containers Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor jar package name servlet Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.containers.jersey-container-servlet Medium Vendor pom artifactid jersey-container-servlet Low Vendor pom groupid org.glassfish.jersey.containers Highest Vendor pom name jersey-container-servlet High Vendor pom parent-artifactid project Low Product file name jersey-container-servlet High Product gradle artifactid jersey-container-servlet Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product jar package name servlet Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-container-servlet Medium Product Manifest bundle-symbolicname org.glassfish.jersey.containers.jersey-container-servlet Medium Product pom artifactid jersey-container-servlet Highest Product pom groupid org.glassfish.jersey.containers Highest Product pom name jersey-container-servlet High Product pom parent-artifactid project Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-container-servlet-core-3.1.5.jarDescription:
Jersey core Servlet 3.x implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, https://asm.ow2.io/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.containers/jersey-container-servlet-core/3.1.5/ff8fdbb987a65da00e9856b22c7e850e5179e259/jersey-container-servlet-core-3.1.5.jar
MD5: 6e5131857e48be4260021b4b460d7743
SHA1: ff8fdbb987a65da00e9856b22c7e850e5179e259
SHA256: d0785d1fac629a88d4637e7c2cce76ae1bdf8569d3e8c15625a0c2b27fabe779
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-container-servlet-core-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-container-servlet-core High Vendor gradle artifactid jersey-container-servlet-core Highest Vendor gradle groupid org.glassfish.jersey.containers Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor jar package name servlet Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.containers.jersey-container-servlet-core Medium Vendor pom artifactid jersey-container-servlet-core Low Vendor pom groupid org.glassfish.jersey.containers Highest Vendor pom name jersey-container-servlet-core High Vendor pom parent-artifactid project Low Product file name jersey-container-servlet-core High Product gradle artifactid jersey-container-servlet-core Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product jar package name servlet Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-container-servlet-core Medium Product Manifest bundle-symbolicname org.glassfish.jersey.containers.jersey-container-servlet-core Medium Product pom artifactid jersey-container-servlet-core Highest Product pom groupid org.glassfish.jersey.containers Highest Product pom name jersey-container-servlet-core High Product pom parent-artifactid project Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-hk2-3.1.5.jarDescription:
HK2 InjectionManager implementation License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html, http://www.eclipse.org/org/documents/edl-v10.php, https://opensource.org/licenses/BSD-2-Clause, http://www.apache.org/licenses/LICENSE-2.0.html, https://creativecommons.org/publicdomain/zero/1.0/, https://asm.ow2.io/license.html, jquery.org/license, http://www.opensource.org/licenses/mit-license.php, https://www.w3.org/Consortium/Legal/copyright-documents-19990405 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.inject/jersey-hk2/3.1.5/9ecb5339c3de02e5939c72657e74e2c5fdeb71c8/jersey-hk2-3.1.5.jar
MD5: e246f08642259c8f0b1312238e98c2eb
SHA1: 9ecb5339c3de02e5939c72657e74e2c5fdeb71c8
SHA256: 0c9496cfc6b4f9b223c44c83b4df3edea7924ce4d52bffb55cf180e9ec4b4eeb
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-hk2-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-hk2 High Vendor gradle artifactid jersey-hk2 Highest Vendor gradle groupid org.glassfish.jersey.inject Highest Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor jar package name inject Highest Vendor jar package name jersey Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.inject.jersey-hk2 Medium Vendor pom artifactid jersey-hk2 Low Vendor pom groupid org.glassfish.jersey.inject Highest Vendor pom name jersey-inject-hk2 High Vendor pom parent-artifactid project Low Product file name jersey-hk2 High Product gradle artifactid jersey-hk2 Highest Product jar package name glassfish Highest Product jar package name hk2 Highest Product jar package name inject Highest Product jar package name jersey Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-inject-hk2 Medium Product Manifest bundle-symbolicname org.glassfish.jersey.inject.jersey-hk2 Medium Product pom artifactid jersey-hk2 Highest Product pom groupid org.glassfish.jersey.inject Highest Product pom name jersey-inject-hk2 High Product pom parent-artifactid project Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jersey-server-3.1.5.jarDescription:
Jersey core server implementation License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
The GNU General Public License (GPL), Version 2, With Classpath Exception: https://www.gnu.org/software/classpath/license.html
Apache License, 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
Modified BSD: https://asm.ow2.io/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jersey.core/jersey-server/3.1.5/30dd9ec9bdb832f7223e293e1f367c695506cad1/jersey-server-3.1.5.jar
MD5: 220237ee6d19e0c5e5bfdeeac95bca5a
SHA1: 30dd9ec9bdb832f7223e293e1f367c695506cad1
SHA256: a9b95e4ecc68ab0642c9c4a650482630edec995bd1a740d6223616a282b05e76
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath jersey-server-3.1.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jersey-server High Vendor gradle artifactid jersey-server Highest Vendor gradle groupid org.glassfish.jersey.core Highest Vendor jar package name glassfish Highest Vendor jar package name jersey Highest Vendor jar package name org Highest Vendor jar package name server Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Vendor Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-server Medium Vendor pom artifactid jersey-server Low Vendor pom groupid org.glassfish.jersey.core Highest Vendor pom name jersey-core-server High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.glassfish.jersey Medium Product file name jersey-server High Product gradle artifactid jersey-server Highest Product jar package name glassfish Highest Product jar package name jersey Highest Product jar package name org Highest Product jar package name server Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org/org/foundation/ Low Product Manifest Bundle-Name jersey-core-server Medium Product Manifest bundle-symbolicname org.glassfish.jersey.core.jersey-server Medium Product pom artifactid jersey-server Highest Product pom groupid org.glassfish.jersey.core Highest Product pom name jersey-core-server High Product pom parent-artifactid project Medium Product pom parent-groupid org.glassfish.jersey Medium Version file version 3.1.5 High Version gradle version 3.1.5 Highest Version Manifest Bundle-Version 3.1.5 High Version pom version 3.1.5 Highest
jettison-1.4.0.jarDescription:
A StAX implementation for JSON. License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.codehaus.jettison/jettison/1.4.0/8f0e7bb69242e9ed5bfdf7384b37c1095b0974fc/jettison-1.4.0.jar
MD5: e52f1ecbc0de109bc689a14526ee4027
SHA1: 8f0e7bb69242e9ed5bfdf7384b37c1095b0974fc
SHA256: 769f05ee4e57a69734bad235f129f3fc2197193df2ef746bcd7cca43c999fba3
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath jettison-1.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name jettison High Vendor gradle artifactid jettison Highest Vendor gradle groupid org.codehaus.jettison Highest Vendor jar package name codehaus Highest Vendor jar package name jettison Highest Vendor jar package name json Highest Vendor Manifest bundle-symbolicname org.codehaus.jettison.jettison Medium Vendor pom artifactid jettison Low Vendor pom developer name The Jettison Team Medium Vendor pom groupid org.codehaus.jettison Highest Vendor pom name Jettison High Vendor pom url jettison-json/jettison Highest Product file name jettison High Product gradle artifactid jettison Highest Product jar package name codehaus Highest Product jar package name jettison Highest Product jar package name json Highest Product Manifest Bundle-Name jettison Medium Product Manifest bundle-symbolicname org.codehaus.jettison.jettison Medium Product Manifest Implementation-Title Jettison High Product pom artifactid jettison Highest Product pom developer name The Jettison Team Low Product pom groupid org.codehaus.jettison Highest Product pom name Jettison High Product pom url jettison-json/jettison High Version file version 1.4.0 High Version gradle version 1.4.0 Highest Version Manifest Bundle-Version 1.4.0 High Version Manifest Implementation-Version 1.4.0 High Version pom version 1.4.0 Highest
CVE-2022-40149 suppress
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-40150 suppress
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack. CWE-400 Uncontrolled Resource Consumption, CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-45685 suppress
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-45693 suppress
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2023-1436 suppress
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
jgrapht-core-1.5.0.jarDescription:
A Java class library for graph-theory data structures and algorithms. License:
GNU Lesser General Public License Version 2.1, February 1999: http://jgrapht.sourceforge.net/LGPL.html
Eclipse Public License (EPL) 2.0: http://www.eclipse.org/legal/epl-v20.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jgrapht/jgrapht-core/1.5.0/822a36ce09237f067a0278563e642af631e502ee/jgrapht-core-1.5.0.jar
MD5: 25bcf45160a48f4d89e7c86197608957
SHA1: 822a36ce09237f067a0278563e642af631e502ee
SHA256: da02ba38ceba3e5bf46f5cd19682bd8e7a3693ae20d0dfad47c0933681286049
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath jgrapht-core-1.5.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name jgrapht-core High Vendor gradle artifactid jgrapht-core Highest Vendor gradle groupid org.jgrapht Highest Vendor jar package name jgrapht Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname org.jgrapht.core Medium Vendor pom artifactid jgrapht-core Low Vendor pom groupid org.jgrapht Highest Vendor pom name JGraphT - Core High Vendor pom parent-artifactid jgrapht Low Product file name jgrapht-core High Product gradle artifactid jgrapht-core Highest Product jar package name graph Highest Product jar package name jgrapht Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name JGraphT - Core Medium Product Manifest bundle-symbolicname org.jgrapht.core Medium Product pom artifactid jgrapht-core Highest Product pom groupid org.jgrapht Highest Product pom name JGraphT - Core High Product pom parent-artifactid jgrapht Medium Version file version 1.5.0 High Version gradle version 1.5.0 Highest Version Manifest Bundle-Version 1.5.0 High Version pom version 1.5.0 Highest
CVE-2024-23078 (OSSINDEX) suppress
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. CWE-476 NULL Pointer Dereference
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.jgrapht:jgrapht-core:1.5.0:*:*:*:*:*:*:* jheaps-0.14-r3.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/jheaps/0.14-r3/jheaps-0.14-r3.jarMD5: 3873f30210f2a11438aebba8a55a7595SHA1: dacb2ad9cb87eb93734d43478b57d9ea29ff397cSHA256: 1ad3291871fce93ff91f9d3d164bc42e8b498026082203a98448fbb7f38b0d41Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath jheaps-0.14-r3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name jheaps High Vendor gradle artifactid jheaps Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name jheaps Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid jheaps Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom name JHeaps High Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name jheaps High Product gradle artifactid jheaps Highest Product jar package name jheaps Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid jheaps Highest Product pom groupid dev.ikm.jpms Highest Product pom name JHeaps High Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
jimfs-1.2.jarDescription:
Jimfs is an in-memory implementation of Java 7's java.nio.file abstract file system API.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.jimfs/jimfs/1.2/48462eb319817c90c27d377341684b6b81372e08/jimfs-1.2.jar
MD5: c47cfe0223863f400132e6d8f38a8da0
SHA1: 48462eb319817c90c27d377341684b6b81372e08
SHA256: de16d5c8489729a8512f1a02fbd81f58f89249b72066987da4cc5c87ecb9f72d
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 jimfs-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name jimfs High Vendor gradle artifactid jimfs Highest Vendor gradle groupid com.google.jimfs Highest Vendor jar package name file Highest Vendor jar package name google Highest Vendor jar package name jimfs Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl http://www.google.com/ Low Vendor Manifest bundle-symbolicname com.google.jimfs Medium Vendor pom artifactid jimfs Low Vendor pom groupid com.google.jimfs Highest Vendor pom name Jimfs High Vendor pom parent-artifactid jimfs-parent Low Product file name jimfs High Product gradle artifactid jimfs Highest Product jar package name file Highest Product jar package name google Highest Product jar package name jimfs Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl http://www.google.com/ Low Product Manifest Bundle-Name Jimfs Medium Product Manifest bundle-symbolicname com.google.jimfs Medium Product pom artifactid jimfs Highest Product pom groupid com.google.jimfs Highest Product pom name Jimfs High Product pom parent-artifactid jimfs-parent Medium Version file version 1.2 High Version gradle version 1.2 Highest Version pom version 1.2 Highest
jjwt-api-0.12.3.jarDescription:
JSON Web Token support for the JVM and Android License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.jsonwebtoken/jjwt-api/0.12.3/30b7de9176d17fa347eef14b85480825dab76b58/jjwt-api-0.12.3.jar
MD5: 2138a39cf29d1355c0da3d6d7ec60c9a
SHA1: 30b7de9176d17fa347eef14b85480825dab76b58
SHA256: 013dd3189fa62b433a0781eb6cfce1986aa00d1ea08d2f44a5c5047c7fab4722
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath jjwt-api-0.12.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/io.jsonwebtoken/jjwt-jackson@0.12.3 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.jsonwebtoken/jjwt-impl@0.12.3 Evidence Type Source Name Value Confidence Vendor file name jjwt-api High Vendor gradle artifactid jjwt-api Highest Vendor gradle groupid io.jsonwebtoken Highest Vendor jar package name io Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest build-jdk-spec 1.7 Low Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-api Medium Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-api Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-api Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: API High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-api High Product gradle artifactid jjwt-api Highest Product jar package name io Highest Product jar package name jsonwebtoken Highest Product Manifest build-jdk-spec 1.7 Low Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: API Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-api Medium Product Manifest Implementation-Title JJWT :: API High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-api Low Product Manifest specification-title JJWT :: API Medium Product pom artifactid jjwt-api Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: API High Product pom parent-artifactid jjwt-root Medium Version file version 0.12.3 High Version gradle version 0.12.3 Highest Version Manifest Bundle-Version 0.12.3 High Version Manifest Implementation-Version 0.12.3 High Version pom version 0.12.3 Highest
jjwt-impl-0.12.3.jarDescription:
JSON Web Token support for the JVM and Android License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.jsonwebtoken/jjwt-impl/0.12.3/e850d2b3f53bd82355cd9ee1c471054aa602b320/jjwt-impl-0.12.3.jar
MD5: e95b00a5a70ce1c0be24c086dedb0930
SHA1: e850d2b3f53bd82355cd9ee1c471054aa602b320
SHA256: 6bbba1fc9ff3fc06aa3e6f2b85d5269373cd60ece47d923e1078b179c83bb45c
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath jjwt-impl-0.12.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name jjwt-impl High Vendor gradle artifactid jjwt-impl Highest Vendor gradle groupid io.jsonwebtoken Highest Vendor jar package name impl Highest Vendor jar package name io Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest build-jdk-spec 1.7 Low Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-impl Medium Vendor Manifest fragment-host io.jsonwebtoken.jjwt-api Low Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-impl Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-impl Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: Impl High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-impl High Product gradle artifactid jjwt-impl Highest Product jar package name impl Highest Product jar package name io Highest Product jar package name jsonwebtoken Highest Product Manifest build-jdk-spec 1.7 Low Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: Impl Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-impl Medium Product Manifest fragment-host io.jsonwebtoken.jjwt-api Low Product Manifest Implementation-Title JJWT :: Impl High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-impl Low Product Manifest specification-title JJWT :: Impl Medium Product pom artifactid jjwt-impl Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: Impl High Product pom parent-artifactid jjwt-root Medium Version file version 0.12.3 High Version gradle version 0.12.3 Highest Version Manifest Bundle-Version 0.12.3 High Version Manifest Implementation-Version 0.12.3 High Version pom version 0.12.3 Highest
jjwt-jackson-0.12.3.jarDescription:
JSON Web Token support for the JVM and Android License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.jsonwebtoken/jjwt-jackson/0.12.3/5e6d0e45441547d892d3273a4ce5dd042e91d162/jjwt-jackson-0.12.3.jar
MD5: 58d7702da3456a9abd95ff15ddd16d8e
SHA1: 5e6d0e45441547d892d3273a4ce5dd042e91d162
SHA256: cd9a28261323bd926add4344f786220b40937de476270a02e849486f940b30cb
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath jjwt-jackson-0.12.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name jjwt-jackson High Vendor gradle artifactid jjwt-jackson Highest Vendor gradle groupid io.jsonwebtoken Highest Vendor jar package name io Highest Vendor jar package name jackson Highest Vendor jar package name jsonwebtoken Highest Vendor Manifest build-jdk-spec 1.7 Low Vendor Manifest bundle-docurl https://github.com/jwtk/jjwt Low Vendor Manifest bundle-symbolicname io.jsonwebtoken.jjwt-jackson Medium Vendor Manifest fragment-host io.jsonwebtoken.jjwt-api Low Vendor Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-jackson Low Vendor Manifest Implementation-Vendor jsonwebtoken.io High Vendor Manifest Implementation-Vendor-Id io.jsonwebtoken Medium Vendor Manifest specification-vendor jsonwebtoken.io Low Vendor pom artifactid jjwt-jackson Low Vendor pom groupid io.jsonwebtoken Highest Vendor pom name JJWT :: Extensions :: Jackson High Vendor pom parent-artifactid jjwt-root Low Product file name jjwt-jackson High Product gradle artifactid jjwt-jackson Highest Product jar package name io Highest Product jar package name jackson Highest Product jar package name jsonwebtoken Highest Product Manifest build-jdk-spec 1.7 Low Product Manifest bundle-docurl https://github.com/jwtk/jjwt Low Product Manifest Bundle-Name JJWT :: Extensions :: Jackson Medium Product Manifest bundle-symbolicname io.jsonwebtoken.jjwt-jackson Medium Product Manifest fragment-host io.jsonwebtoken.jjwt-api Low Product Manifest Implementation-Title JJWT :: Extensions :: Jackson High Product Manifest implementation-url https://github.com/jwtk/jjwt/jjwt-jackson Low Product Manifest specification-title JJWT :: Extensions :: Jackson Medium Product pom artifactid jjwt-jackson Highest Product pom groupid io.jsonwebtoken Highest Product pom name JJWT :: Extensions :: Jackson High Product pom parent-artifactid jjwt-root Medium Version file version 0.12.3 High Version gradle version 0.12.3 Highest Version Manifest Bundle-Version 0.12.3 High Version Manifest Implementation-Version 0.12.3 High Version pom version 0.12.3 Highest
jnats-2.17.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.nats/jnats/2.17.2/264222af423099c6aea1ab0d337468611a888ae/jnats-2.17.2.jarMD5: ff738d30e5e3e1094dcbc4274460fce6SHA1: 0264222af423099c6aea1ab0d337468611a888aeSHA256: 6870710db1b393bdf8e34b29ee4285ee9deb45dc739af7d86613decdbd8aef14Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath jnats-2.17.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name jnats High Vendor gradle artifactid jnats Highest Vendor gradle groupid io.nats Highest Vendor jar package name client Low Vendor jar package name io Highest Vendor jar package name io Low Vendor jar package name nats Highest Vendor jar package name nats Low Vendor Manifest automatic-module-name io.nats.jnats Medium Vendor Manifest bundle-symbolicname jnats Medium Vendor Manifest Implementation-Vendor nats.io High Product file name jnats High Product gradle artifactid jnats Highest Product jar package name client Low Product jar package name io Highest Product jar package name nats Highest Product jar package name nats Low Product Manifest automatic-module-name io.nats.jnats Medium Product Manifest Bundle-Name jnats Medium Product Manifest bundle-symbolicname jnats Medium Product Manifest Implementation-Title Java Nats High Version file version 2.17.2 High Version Manifest Implementation-Version 2.17.2 High
joda-time-2.3.jarDescription:
Date and time library to replace JDK date handling License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/joda-time/joda-time/2.3/56498efd17752898cfcc3868c1b6211a07b12b8f/joda-time-2.3.jar
MD5: ff85fe8f3ab26b36092475a95f43fb7e
SHA1: 56498efd17752898cfcc3868c1b6211a07b12b8f
SHA256: 602fd8006641f8b3afd589acbd9c9b356712bdcf0f9323557ec8648cd234983b
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath joda-time-2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name joda-time High Vendor gradle artifactid joda-time Highest Vendor gradle groupid joda-time Highest Vendor jar package name joda Highest Vendor jar package name time Highest Vendor Manifest bundle-docurl http://www.joda.org/joda-time/ Low Vendor Manifest bundle-symbolicname joda-time Medium Vendor Manifest extension-name joda-time Medium Vendor Manifest Implementation-Vendor Joda.org High Vendor Manifest Implementation-Vendor-Id org.joda Medium Vendor Manifest specification-vendor Joda.org Low Vendor pom artifactid joda-time Low Vendor pom developer id broneill Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Brian S O'Neill Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid joda-time Highest Vendor pom name Joda-Time High Vendor pom organization name Joda.org High Vendor pom organization url http://www.joda.org Medium Vendor pom url http://www.joda.org/joda-time/ Highest Product file name joda-time High Product gradle artifactid joda-time Highest Product jar package name joda Highest Product jar package name time Highest Product Manifest bundle-docurl http://www.joda.org/joda-time/ Low Product Manifest Bundle-Name Joda-Time Medium Product Manifest bundle-symbolicname joda-time Medium Product Manifest extension-name joda-time Medium Product Manifest Implementation-Title org.joda.time High Product Manifest specification-title Joda-Time Medium Product pom artifactid joda-time Highest Product pom developer id broneill Low Product pom developer id scolebourne Low Product pom developer name Brian S O'Neill Low Product pom developer name Stephen Colebourne Low Product pom groupid joda-time Highest Product pom name Joda-Time High Product pom organization name Joda.org Low Product pom organization url http://www.joda.org Low Product pom url http://www.joda.org/joda-time/ Medium Version file version 2.3 High Version gradle version 2.3 Highest Version Manifest Bundle-Version 2.3 High Version Manifest Implementation-Version 2.3 High Version pom version 2.3 Highest
jquery-3.6.1.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/script-dir/jquery-3.6.1.min.jsMD5: 00727d1d5d9c90f7de826f1a4a9cc632SHA1: ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2SHA256: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery-ui.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/script-dir/jquery-ui.min.jsMD5: a443ef25e4d347d30d3222a401f9ae54SHA1: 47c18aebea0d1116f19b279134e50c9f0d381405SHA256: a6c0904499f1efeef05641bd28fd7c73785e60f69ce9c699daf65af8b3720703Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery-ui.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/jquery-ui.min.jsMD5: 30a451c1686102d80f56f746803c2cb4SHA1: 528060a8af10ccf9e24f0403b0416e6d864537adSHA256: 08b13c0ce0b7a383d89e0e671e0aefaf58ef4e656cbeab2120e4e14476f8c8e1Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence Vendor file name jquery-ui High Product file name jquery-ui High Version file version 1.12.1 High
CVE-2021-41182 suppress
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc info - https://nvd.nist.gov/vuln/detail/CVE-2021-41182 security-advisories@github.com - EXPLOIT,MITIGATION,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86 cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0 cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1 cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0 cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3 cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25 cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0 CVE-2021-41183 suppress
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://bugs.jqueryui.com/ticket/15284 info - https://nvd.nist.gov/vuln/detail/CVE-2021-41183 security-advisories@github.com - EXPLOIT,MITIGATION,THIRD_PARTY_ADVISORY security-advisories@github.com - ISSUE_TRACKING,VENDOR_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,RELEASE_NOTES,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3 cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0 cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1 cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 11.14.0 cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3 cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.5 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0 CVE-2021-41184 suppress
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327 info - https://nvd.nist.gov/vuln/detail/CVE-2021-41184 security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MITIGATION,PATCH,VENDOR_ADVISORY security-advisories@github.com - PATCH,RELEASE_NOTES,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,VENDOR_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3 cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0 cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1 cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0 cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25 cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:* cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1 cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0 CVE-2022-31160 suppress
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.0:*:*:*:*:drupal:*:* cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.1:*:*:*:*:drupal:*:* cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.2:*:*:*:*:drupal:*:* cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.3:*:*:*:*:drupal:*:* cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.2 cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* jquery.colorhelpers.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.colorhelpers.jsMD5: 88e3b66abe16e03c573a0c969dde3f3cSHA1: 658e0c928ce129bb4be604d68bb8c8dc33cc3235SHA256: 09da5c94edc26c5d097343447ec56bb31f618d9d476a7652022f1b0a22643de8Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.cookie.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/jquery.cookie.jsMD5: d5528dde0006c78be04817327c2f9b6fSHA1: 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8SHA256: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.axislabels.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot-axislabels/jquery.flot.axislabels.jsMD5: 2b90d0a0281dd769dc21223279dd7822SHA1: 019327a452b98386374437283328165c8c56a0ddSHA256: 002fd1985afe180e48a8551e18d2689826be3dda3009a1ce1cf006706a9726f6Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.canvas.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.canvas.jsMD5: a8710d08b758015617c9518fcad90a69SHA1: 42c698631324b1c0044bd52a1e024f6781955a5aSHA256: 9931d4a47df2181e243900b9d4956e97faf8c954f7dfbea3ffdc580e5898b0a1Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.categories.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.categories.jsMD5: b404141c778bcfa27d02f943352fbc4eSHA1: 54196fc214523c276f99eab1e6ed753602fc7f6eSHA256: 6e81664b28ea795c734906f4aa15614640a75ac7fbd399a7fb9084040698351aReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.crosshair.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.crosshair.jsMD5: 78077b855f710839538571453a245a33SHA1: 1a570471b966e7ae6d546b8f513b604b4636d205SHA256: 5c19fde427cf06e6644c356b9dfdc5cc54dab1d435e684236522f564694ae749Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.errorbars.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.errorbars.jsMD5: 73fcfdc8eb3b79de42e4e9a009749127SHA1: 2b078e837632d301981bf25c11dea945ba84b469SHA256: 7c4fc3cb19f8148fd980a13617eb9730affeb06db7d54e67ebe0eb2bcba74101Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.fillbetween.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.fillbetween.jsMD5: 84e8ec6c5278063e64ee6e574190303aSHA1: 317ad7cee551412555699427e40d805218050f22SHA256: a3e45f52fb5c3f2b85ea20f9a0e486d536b3d6bbc41170eb67cf6cd87ce1a0e1Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.image.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.image.jsMD5: 2947d3bde8e2384bd85e3faf6f44c433SHA1: 3b4893e9301f056e02df9e630ac126fda2e688d6SHA256: d2259e8ebff8a999010a1dc606fb9d721275dd663a247dbee70cf82ef1f11d0bReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.jsMD5: 89bc8ea971e99653717fa69a73d70bb4SHA1: 5a830d8c757562cd3157e4dee5cc2f138487238aSHA256: b7b931f273c38b1277b9c6c1f4e05c4ec09885a487bddaf3279e2d7e49a38e12Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
Related Dependencies jquery.flot.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot.tooltip/js/jquery.flot.js MD5: 89bc8ea971e99653717fa69a73d70bb4 SHA1: 5a830d8c757562cd3157e4dee5cc2f138487238a SHA256: b7b931f273c38b1277b9c6c1f4e05c4ec09885a487bddaf3279e2d7e49a38e12 jquery.flot.navigate.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.navigate.jsMD5: 0fd6d20c90a468fd43d5573542cfab4bSHA1: 9ae46180e2e40cd19b16d5da5ca888e058fd1db2SHA256: 350ebfc0675ee86f051a4c305193a1575f681169b69ee8bd48c8f3ae1566816dReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.pie.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.pie.jsMD5: 62dbbef98865feaa20a7f936c56ab931SHA1: 5f0d44a1b2db74915b5e7c2ab4b987a7250d87daSHA256: 46c11661df6074b1b56c221c53c8f9f5192f7ffd4eec7b73a03d53454b36d9c5Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.resize.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.resize.jsMD5: 826b0d2739932ac103bf420dbadd048eSHA1: 2d8280fbabf9a1eabbcbc562b9763cb07952118bSHA256: 8b9f5146f324ab0fb6f260eee984732a8efb82633b93d68f64cb5cc38e7082eeReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.selection.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.selection.jsMD5: 6e4a2701adaf2ace52c100aba5c3eaceSHA1: d23ac577ddc9e84418199594c7cb6226628f1c4cSHA256: e6c85f6c1ebe4b4da29d8ae238c7c5060283f05f7ef054f6b91817d02c092918Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.stack.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/jquery.flot.stack.jsMD5: ee6678541a389d85f93a26906b28bec6SHA1: 1a8f6b6ec09c94b7c9d9072ed47009c0ba228130SHA256: 814787b5f5c91c05a99e20898487dd579c19c04730913800b2386dbf41a792f5Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.stack.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.stack.jsMD5: 76945205e6094cc16871aef9b27606d7SHA1: 56f166fb0d60d360d32f65ad628150e1b96eed75SHA256: 8119b5d127f5f289f1c0e488c9233347d9239a340ad5e8df86b0d675eadc39f5Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.symbol.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.symbol.jsMD5: ca6ad22013ca6285353f1cf0ed07b90eSHA1: f93b8b68bff54c802c503295a395b82e1c0636dcSHA256: 67313e781ff843a1c3a3904aafe3d3d46b158ff28e0cb04bb30c52a7e1d1df27Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.threshold.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.threshold.jsMD5: acee3dea7eab3e1637f64ee5fa5adb98SHA1: ed0cdf34f93b17c2acbb008c446d5c59cb93aec9SHA256: 0d5950bb7a72560ee75f39fb8da9dc821debc7ea19e058b9cade9fa33b75d68dReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.time.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot/jquery.flot.time.jsMD5: 6a49d955cbc76f5c2fecce8a185f6291SHA1: 3c53aa9a2198275d29821534e82f90f463ed1fabSHA256: a582c832adc7138a6b05aaf61f16ebac274701f1be4afea77e739a1c34b9c41aReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.tooltip.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot.tooltip/js/jquery.flot.tooltip.jsMD5: 17907788421f3f27765c1b0ccdf2a406SHA1: 06ce87e50c8e16a1248522f714649033c5973c0fSHA256: 25cce5e221c2245386326fd89db223edc0c375d687960072a039eed0a62b3b3bReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.tooltip.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot.tooltip/js/jquery.flot.tooltip.min.jsMD5: dd8e35bc06e2b4c087e2ece0bcccbe94SHA1: 6dc58f0ad4790969450c11c8d7fd5cb4559c0eafSHA256: 13611a6e939373f3438680b69d2458bbd711fd17295e326053da94eb6fe6cd51Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.flot.tooltip.source.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/flot.tooltip/js/jquery.flot.tooltip.source.jsMD5: a3894df446fd38c92d7aab3b74a1a51cSHA1: cba9345d6f60b340b568d63d12ecc3c5621c21b2SHA256: 5c56c1bcc149a8a88459e37810bb2bbc2652429a43e455bfc98a519f978240f0Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/jquery/dist/jquery.jsMD5: 6a07da9fae934baf3f749e876bbfdd96SHA1: 46a436eba01c79acdb225757ed80bf54bad6416bSHA256: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fadReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence Vendor file name jquery High Product file name jquery High Version file version 3.3.1 High
CVE-2019-11358 suppress
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
cve@mitre.org - BROKEN_LINK,THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY info - https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ info - https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b info - https://nvd.nist.gov/vuln/detail/CVE-2019-11358 Vulnerable Software & Versions (NVD):
cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9 cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15 cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1 cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4 cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5 cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6 cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8 cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:* CVE-2020-11022 suppress
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MITIGATION,THIRD_PARTY_ADVISORY security-advisories@github.com - MITIGATION,VENDOR_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2; versions up to (excluding) 3.5.0 cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1; versions up to (including) 20.1 cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2 cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.2.2 cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0; versions up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 CVE-2020-11023 suppress
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK,MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.0.3; versions up to (excluding) 3.5.0 cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 20.2 cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.1; versions up to (including) 6.4 cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.41 cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2; versions up to (including) 16.2.11 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to (including) 20.12 cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 jquery.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/jquery/dist/jquery.min.jsMD5: a09e13ee94d51c524b7e2a728c7d4039SHA1: 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aaeSHA256: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02efReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence Vendor file name jquery High Product file name jquery High Version file version 3.3.1 High
CVE-2019-11358 suppress
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
cve@mitre.org - BROKEN_LINK,THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY info - https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ info - https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b info - https://nvd.nist.gov/vuln/detail/CVE-2019-11358 Vulnerable Software & Versions (NVD):
cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9 cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15 cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0 cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1 cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4 cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5 cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6 cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7 cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12 cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8 cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:* cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3 cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:* CVE-2020-11022 suppress
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - MITIGATION,THIRD_PARTY_ADVISORY security-advisories@github.com - MITIGATION,VENDOR_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2; versions up to (excluding) 3.5.0 cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1; versions up to (including) 20.1 cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2 cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.2.2 cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0; versions up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2 cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 CVE-2020-11023 suppress
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A References:
info - https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK security-advisories@github.com - BROKEN_LINK,MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY security-advisories@github.com - MAILING_LIST,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - RELEASE_NOTES,VENDOR_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY security-advisories@github.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions (NVD):
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14 cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6 cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.0.3; versions up to (excluding) 3.5.0 cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 20.2 cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0 cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0 cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0 cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.1; versions up to (including) 6.4 cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3 cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0 cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.41 cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2; versions up to (including) 16.2.11 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9 cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4 cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to (including) 20.12 cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9 jquery.numberformatter-1.2.3.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/jquery.numberformatter-1.2.3.min.jsMD5: ccf0167ab9837f9db78933cde57cc01dSHA1: f7c0e7dbe955403649b671934cb0dbac4e953c14SHA256: 97c9ddbd879370412e06b4025a76672e77d8744bb60db46159846df86085caf2Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
jquery.tablesorter.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/content/js/jquery.tablesorter.min.jsMD5: 37e07d7e8433c9a5d0328f65c6c06d8dSHA1: d77bede8e06aa5c08cba8010d6b55756cf55af04SHA256: 30960c23251ab66e737673700a99848027ade8cefb2d9762ee981a112e8fe361Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
json-path-2.9.0.jar json-smart-2.5.0.jarDescription:
JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/net.minidev/json-smart/2.5.0/57a64f421b472849c40e77d2e7cce3a141b41e99/json-smart-2.5.0.jar
MD5: af9b7eda9c435acaf22e840991c7b10f
SHA1: 57a64f421b472849c40e77d2e7cce3a141b41e99
SHA256: 432b9e545848c4141b80717b26e367f83bf33f19250a228ce75da6e967da2bc7
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath json-smart-2.5.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name json-smart High Vendor gradle artifactid json-smart Highest Vendor gradle groupid net.minidev Highest Vendor jar package name json Highest Vendor jar package name minidev Highest Vendor jar package name net Highest Vendor jar package name parser Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://urielch.github.io/ Low Vendor Manifest bundle-symbolicname net.minidev.json-smart Medium Vendor pom artifactid json-smart Low Vendor pom developer email adoneitan@gmail.com Low Vendor pom developer email shoothzj@gmail.com Low Vendor pom developer email uchemouni@gmail.com Low Vendor pom developer id erav Medium Vendor pom developer id Shoothzj Medium Vendor pom developer id uriel Medium Vendor pom developer name Eitan Raviv Medium Vendor pom developer name Uriel Chemouni Medium Vendor pom developer name ZhangJian He Medium Vendor pom groupid net.minidev Highest Vendor pom name JSON Small and Fast Parser High Vendor pom organization name Chemouni Uriel High Vendor pom organization url https://urielch.github.io/ Medium Vendor pom url https://urielch.github.io/ Highest Product file name json-smart High Product gradle artifactid json-smart Highest Product jar package name json Highest Product jar package name minidev Highest Product jar package name net Highest Product jar package name parser Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://urielch.github.io/ Low Product Manifest Bundle-Name json-smart Medium Product Manifest bundle-symbolicname net.minidev.json-smart Medium Product pom artifactid json-smart Highest Product pom developer email adoneitan@gmail.com Low Product pom developer email shoothzj@gmail.com Low Product pom developer email uchemouni@gmail.com Low Product pom developer id erav Low Product pom developer id Shoothzj Low Product pom developer id uriel Low Product pom developer name Eitan Raviv Low Product pom developer name Uriel Chemouni Low Product pom developer name ZhangJian He Low Product pom groupid net.minidev Highest Product pom name JSON Small and Fast Parser High Product pom organization name Chemouni Uriel Low Product pom organization url https://urielch.github.io/ Low Product pom url https://urielch.github.io/ Medium Version file version 2.5.0 High Version gradle version 2.5.0 Highest Version Manifest Bundle-Version 2.5.0 High Version pom version 2.5.0 Highest
jsonassert-1.5.1.jar jsr305-3.0.2.jar jul-to-slf4j-2.0.12.jar junit-jupiter-5.10.2.jar junit-jupiter-api-5.10.2.jar junit-jupiter-engine-5.10.2.jar junit-jupiter-params-5.10.2.jar junit-platform-commons-1.10.2.jar junit-platform-engine-1.10.2.jar listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar log4j-api-2.21.1.jar log4j-to-slf4j-2.21.1.jar logback-classic-1.4.14.jar logback-core-1.4.14.jar loki-logback-appender-1.5.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.loki4j/loki-logback-appender/1.5.1/e5b1468c85f52047a8f18a16c8a78086dc6e4398/loki-logback-appender-1.5.1.jarMD5: e1e34aa2215c6111740bfdfaef571d01SHA1: e5b1468c85f52047a8f18a16c8a78086dc6e4398SHA256: 7b166f730b73829fffb05870cd17ce71e573a30feee7504cf39c8b3359546ee1Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath loki-logback-appender-1.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name loki-logback-appender High Vendor gradle artifactid loki-logback-appender Highest Vendor gradle groupid com.github.loki4j Highest Vendor jar package name client Low Vendor jar package name github Low Vendor jar package name loki4j Low Product file name loki-logback-appender High Product gradle artifactid loki-logback-appender Highest Product jar package name client Low Product jar package name loki4j Low Version file name loki-logback-appender Medium Version file version 1.5.1 High Version gradle version 1.5.1 Highest
lombok-1.18.30.jar lombok-1.18.30.jar: mavenEcjBootstrapAgent.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.projectlombok/lombok/1.18.30/f195ee86e6c896ea47a1d39defbe20eb59cd149d/lombok-1.18.30.jar/lombok/launch/mavenEcjBootstrapAgent.jarMD5: 2bc7812d729aa7f761f721c6f0620848SHA1: e67209a53266080be85e8848c01fd15af98700c7SHA256: 63da6c6457ba6bfb61867cf644542464783adc57bbf36a7f0843c2822c288169Referenced In Projects/Scopes:
opencdx-client:annotationProcessor opencdx-client:lombok opencdx-iam:annotationProcessor opencdx-questionnaire:lombok opencdx-media:compileClasspath opencdx-admin:annotationProcessor opencdx-audit:lombok opencdx-proto:lombok opencdx-classification-analyzer:lombok opencdx-helloworld:annotationProcessor opencdx-iam:lombok opencdx-questionnaire:annotationProcessor opencdx-communications:compileClasspath opencdx-proto:annotationProcessor opencdx-proto:compileProtoPath opencdx-client:compileClasspath opencdx-discovery:annotationProcessor opencdx-commons:compileClasspath opencdx-communications:annotationProcessor OpenCDX:annotationProcessor opencdx-config:compileClasspath opencdx-tinkar:compileClasspath opencdx-media:lombok opencdx-admin:lombok opencdx-audit:compileClasspath opencdx-discovery:lombok opencdx-gateway:lombok opencdx-logistics:annotationProcessor opencdx-tinkar:annotationProcessor opencdx-health:lombok opencdx-questionnaire:compileClasspath opencdx-helloworld:compileClasspath opencdx-logistics:lombok opencdx-classification:lombok OpenCDX:lombok opencdx-commons:annotationProcessor opencdx-commons:lombok opencdx-helloworld:lombok opencdx-proto:compileClasspath opencdx-audit:annotationProcessor opencdx-discovery:compileClasspath opencdx-health:annotationProcessor opencdx-classification-analyzer:annotationProcessor OpenCDX:compileClasspath opencdx-classification:annotationProcessor opencdx-media:annotationProcessor opencdx-logistics:compileClasspath opencdx-gateway:annotationProcessor opencdx-classification-analyzer:compileClasspath opencdx-admin:compileClasspath opencdx-health:compileClasspath opencdx-config:annotationProcessor opencdx-gateway:compileClasspath opencdx-iam:compileClasspath opencdx-communications:lombok opencdx-classification:compileClasspath opencdx-config:lombok opencdx-tinkar:lombok Evidence Type Source Name Value Confidence Vendor file name mavenEcjBootstrapAgent High Vendor jar package name launch Low Vendor jar package name lombok Low Vendor Manifest can-redefine-classes true Low Product file name mavenEcjBootstrapAgent High Product jar package name launch Low Product Manifest can-redefine-classes true Low
lucene-core-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-core/9.7.0/ad391210ffd806931334be9670a35af00c56f959/lucene-core-9.7.0.jarMD5: 09e8c242545e09349ce287eaafc3e185SHA1: ad391210ffd806931334be9670a35af00c56f959SHA256: 624d7f544afefcbc382f2d9c8fe9e04fb5626c6fb579b584663baf43df1653f8Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath lucene-core-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-core High Vendor gradle artifactid lucene-core Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor jar package name org Highest Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-core High Product gradle artifactid lucene-core Highest Product jar package name apache Highest Product jar package name lucene Highest Product jar package name lucene Low Product jar package name org Highest Product jar package name search Highest Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest multi-release true Low Product Manifest specification-title Lucene Search Engine: core Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-core Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
lucene-highlighter-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-highlighter/9.7.0/facb7c7ee0f75ed457a2d98f10d6430e25a53691/lucene-highlighter-9.7.0.jarMD5: d9c0fef44da5b9c93c1a7c3cca13f488SHA1: facb7c7ee0f75ed457a2d98f10d6430e25a53691SHA256: 5e85aeb68a79849a3742c2d2194b6b2b031b9fc36a72d78b7d07a210d4d4dbb5Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath lucene-highlighter-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-highlighter High Vendor gradle artifactid lucene-highlighter Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor jar package name search Low Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-highlighter High Product gradle artifactid lucene-highlighter Highest Product jar package name apache Highest Product jar package name lucene Highest Product jar package name lucene Low Product jar package name search Highest Product jar package name search Low Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest specification-title Lucene Search Engine: highlighter Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-highlighter Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
lucene-memory-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-memory/9.7.0/fade51ee353e15ddbbc45262aafe6f99ed020f1/lucene-memory-9.7.0.jarMD5: 127158d8c4f8c79d3ad48c9e790c3ca7SHA1: 0fade51ee353e15ddbbc45262aafe6f99ed020f1SHA256: 8ad121401befe64c6e1cf5ed43600c2a63b673c39b28b6669515208e65ea3723Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath lucene-memory-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-memory High Vendor gradle artifactid lucene-memory Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name index Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-memory High Product gradle artifactid lucene-memory Highest Product jar package name apache Highest Product jar package name index Low Product jar package name lucene Highest Product jar package name lucene Low Product jar package name memory Highest Product jar package name memory Low Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest specification-title Lucene Search Engine: memory Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-memory Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
lucene-queries-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-queries/9.7.0/126989d4622419aa06fcbf3a342e859cab8c8799/lucene-queries-9.7.0.jarMD5: b756305d154698e193828c5cc5698874SHA1: 126989d4622419aa06fcbf3a342e859cab8c8799SHA256: 1ef397f798888ed8a0bbe9d5d0f2d76cd72bfa2c1bafe3b0f9a5c849dda91acbReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath lucene-queries-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-queries High Vendor gradle artifactid lucene-queries Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor jar package name queries Low Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-queries High Product gradle artifactid lucene-queries Highest Product jar package name apache Highest Product jar package name lucene Highest Product jar package name lucene Low Product jar package name queries Highest Product jar package name queries Low Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest specification-title Lucene Search Engine: queries Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-queries Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
lucene-queryparser-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-queryparser/9.7.0/6e77bde908ff698354e4a2149e6dd4658b56d7b0/lucene-queryparser-9.7.0.jarMD5: 45e1c98d97cf2ab4ef23f47b4eaf1d99SHA1: 6e77bde908ff698354e4a2149e6dd4658b56d7b0SHA256: 01b48a489d337c0fcc5a5e5bff09f076cd075ec619035ebc05135beff914b57aReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath lucene-queryparser-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-queryparser High Vendor gradle artifactid lucene-queryparser Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor jar package name queryparser Low Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-queryparser High Product gradle artifactid lucene-queryparser Highest Product jar package name apache Highest Product jar package name flexible Low Product jar package name lucene Highest Product jar package name lucene Low Product jar package name queryparser Highest Product jar package name queryparser Low Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest specification-title Lucene Search Engine: queryparser Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-queryparser Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
lucene-sandbox-9.7.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.lucene/lucene-sandbox/9.7.0/9f3e8e1947f2f1c5784132444af51a060ff0b4bf/lucene-sandbox-9.7.0.jarMD5: 602346201d03140d1401450909a52737SHA1: 9f3e8e1947f2f1c5784132444af51a060ff0b4bfSHA256: 07686ece4db37546ca3d89ecb1836d73df5f4f88d807f203cd302a4c7467c53fReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath lucene-sandbox-9.7.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name lucene-sandbox High Vendor gradle artifactid lucene-sandbox Highest Vendor gradle groupid org.apache.lucene Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name lucene Highest Vendor jar package name lucene Low Vendor jar package name sandbox Low Vendor Manifest extension-name org.apache.lucene Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest x-build-os Linux amd64 5.15.0-75-generic Low Product file name lucene-sandbox High Product gradle artifactid lucene-sandbox Highest Product jar package name apache Highest Product jar package name lucene Highest Product jar package name lucene Low Product jar package name sandbox Highest Product jar package name sandbox Low Product jar package name search Highest Product jar package name search Low Product Manifest extension-name org.apache.lucene Medium Product Manifest Implementation-Title org.apache.lucene High Product Manifest specification-title Lucene Search Engine: sandbox Medium Product Manifest x-build-os Linux amd64 5.15.0-75-generic Low Version file name lucene-sandbox Medium Version file version 9.7.0 High Version gradle version 9.7.0 Highest Version Manifest Implementation-Version 9.7.0 ccf4b198ec328095d45d2746189dc8ca633e8bcf - 2023-06-21 11:48:16 High
maven-artifact-3.6.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.maven/maven-artifact/3.6.1/4603471881d2f033b80c13ada7a31f56df7435e5/maven-artifact-3.6.1.jarMD5: 42734b35aa098cf8435469eb33444c78SHA1: 4603471881d2f033b80c13ada7a31f56df7435e5SHA256: 797fa1bcf54d7216e863b8177c04507d09c708eec153626eca473054c0eb56f3Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath maven-artifact-3.6.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name maven-artifact High Vendor gradle artifactid maven-artifact Highest Vendor gradle groupid org.apache.maven Highest Vendor jar package name apache Highest Vendor jar package name artifact Highest Vendor jar package name maven Highest Vendor Manifest implementation-url https://maven.apache.org/ref/3.6.1/maven-artifact/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-artifact Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact High Vendor pom parent-artifactid maven Low Product file name maven-artifact High Product gradle artifactid maven-artifact Highest Product jar package name apache Highest Product jar package name artifact Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven Artifact High Product Manifest implementation-url https://maven.apache.org/ref/3.6.1/maven-artifact/ Low Product Manifest specification-title Maven Artifact Medium Product pom artifactid maven-artifact Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact High Product pom parent-artifactid maven Medium Version file version 3.6.1 High Version gradle version 3.6.1 Highest Version Manifest Implementation-Version 3.6.1 High Version pom version 3.6.1 Highest
member-search-index.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/member-search-index.jsMD5: cf0047abf21d762cc70787701c0f6b84SHA1: a83efda5035ed3491a152c0bcaa53bed0f838edbSHA256: 5d6d4744b9b4d2832f74e52dc510aa53220c778be7f7bef27273716633034e10Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
metisMenu.min.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/bower_components/metisMenu/dist/metisMenu.min.jsMD5: 9d596cdad6a6e250ced46785d04adf4eSHA1: 28e5114d5db21eec8d4c9bbb29cf7d73dcef2b9fSHA256: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69bReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
micrometer-commons-1.12.4.jar micrometer-core-1.12.4.jar micrometer-jakarta9-1.12.4.jar micrometer-observation-1.12.4.jar micrometer-registry-prometheus-1.12.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.micrometer/micrometer-registry-prometheus/1.12.4/6096028aa6df769fc10885cfc8a70d484114971f/micrometer-registry-prometheus-1.12.4.jarMD5: 0e699d9d9130189f69e7025190a1ed8aSHA1: 6096028aa6df769fc10885cfc8a70d484114971fSHA256: 82b35de849cc4da78d45366db4c31fe0468a4791e445a301c12c02d15a68e866Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath micrometer-registry-prometheus-1.12.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name micrometer-registry-prometheus High Vendor gradle artifactid micrometer-registry-prometheus Highest Vendor gradle groupid io.micrometer Highest Vendor jar package name io Low Vendor jar package name micrometer Highest Vendor jar package name micrometer Low Vendor jar package name prometheus Highest Vendor jar package name prometheus Low Vendor Manifest automatic-module-name micrometer.registry.prometheus Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2024-03-11_15:21:28 Low Vendor Manifest build-date-utc 2024-03-11T15:21:28.669979570Z Low Vendor Manifest build-host 81a4eaf02372 Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 31228 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/31228 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest bundle-symbolicname micrometer-registry-prometheus Medium Vendor Manifest change 52075c6 Low Vendor Manifest full-change 52075c682e092f87cfc39d9df0ff61a3b4c93ab8 Low Vendor Manifest module-email tludwig@vmware.com Low Vendor Manifest module-origin micrometer-metrics/micrometer.git Low Vendor Manifest module-owner tludwig@vmware.com Low Vendor Manifest module-source /implementations/micrometer-registry-prometheus Low Product file name micrometer-registry-prometheus High Product gradle artifactid micrometer-registry-prometheus Highest Product jar package name io Highest Product jar package name micrometer Highest Product jar package name micrometer Low Product jar package name prometheus Highest Product jar package name prometheus Low Product Manifest automatic-module-name micrometer.registry.prometheus Medium Product Manifest branch HEAD Low Product Manifest build-date 2024-03-11_15:21:28 Low Product Manifest build-date-utc 2024-03-11T15:21:28.669979570Z Low Product Manifest build-host 81a4eaf02372 Low Product Manifest build-job deploy Low Product Manifest build-number 31228 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/31228 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest Bundle-Name micrometer-registry-prometheus Medium Product Manifest bundle-symbolicname micrometer-registry-prometheus Medium Product Manifest change 52075c6 Low Product Manifest full-change 52075c682e092f87cfc39d9df0ff61a3b4c93ab8 Low Product Manifest Implementation-Title io.micrometer#micrometer-registry-prometheus;1.12.4 High Product Manifest module-email tludwig@vmware.com Low Product Manifest module-origin micrometer-metrics/micrometer.git Low Product Manifest module-owner tludwig@vmware.com Low Product Manifest module-source /implementations/micrometer-registry-prometheus Low Version file version 1.12.4 High Version Manifest Implementation-Version 1.12.4 High
micrometer-tracing-1.2.4.jar micrometer-tracing-bridge-brave-1.2.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.micrometer/micrometer-tracing-bridge-brave/1.2.4/15ed7a5236b2317cc9e16443d52ba6d601768b05/micrometer-tracing-bridge-brave-1.2.4.jarMD5: 603fdd72b31ed2c185969d400daf1843SHA1: 15ed7a5236b2317cc9e16443d52ba6d601768b05SHA256: 093f1e65fc2c33100650f5ae31df9ab97be078437f37fa65948a06f7d0b2969fReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath micrometer-tracing-bridge-brave-1.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name micrometer-tracing-bridge-brave High Vendor gradle artifactid micrometer-tracing-bridge-brave Highest Vendor gradle groupid io.micrometer Highest Vendor jar package name brave Highest Vendor jar package name io Low Vendor jar package name micrometer Highest Vendor jar package name micrometer Low Vendor jar package name tracing Highest Vendor jar package name tracing Low Vendor Manifest automatic-module-name micrometer.tracing.bridge.brave Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2024-03-12_02:19:07 Low Vendor Manifest build-date-utc 2024-03-12T02:19:07.701912906Z Low Vendor Manifest build-host d5c3c53bc3c4 Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 6116 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/tracing/6116 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest change ee8972b Low Vendor Manifest full-change ee8972bc7bd1e705de695c66464d17a16550483f Low Vendor Manifest module-email tludwig@vmware.com,jivanov@vmware.com,mgrzejszczak@vmware.com Low Vendor Manifest module-origin micrometer-metrics/tracing.git Low Vendor Manifest module-owner tludwig@vmware.com,jivanov@vmware.com,mgrzejszczak@vmware.com Low Vendor Manifest module-source /micrometer-tracing-bridges/micrometer-tracing-bridge-brave Low Product file name micrometer-tracing-bridge-brave High Product gradle artifactid micrometer-tracing-bridge-brave Highest Product jar package name brave Highest Product jar package name brave Low Product jar package name io Highest Product jar package name micrometer Highest Product jar package name micrometer Low Product jar package name tracing Highest Product jar package name tracing Low Product Manifest automatic-module-name micrometer.tracing.bridge.brave Medium Product Manifest branch HEAD Low Product Manifest build-date 2024-03-12_02:19:07 Low Product Manifest build-date-utc 2024-03-12T02:19:07.701912906Z Low Product Manifest build-host d5c3c53bc3c4 Low Product Manifest build-job deploy Low Product Manifest build-number 6116 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/tracing/6116 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest change ee8972b Low Product Manifest full-change ee8972bc7bd1e705de695c66464d17a16550483f Low Product Manifest Implementation-Title io.micrometer#micrometer-tracing-bridge-brave;1.2.4 High Product Manifest module-email tludwig@vmware.com,jivanov@vmware.com,mgrzejszczak@vmware.com Low Product Manifest module-origin micrometer-metrics/tracing.git Low Product Manifest module-owner tludwig@vmware.com,jivanov@vmware.com,mgrzejszczak@vmware.com Low Product Manifest module-source /micrometer-tracing-bridges/micrometer-tracing-bridge-brave Low Version file version 1.2.4 High Version Manifest Implementation-Version 1.2.4 High
CVE-2022-47932 suppress
Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933. NVD-CWE-Other
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-47933 suppress
Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc. CWE-755 Improper Handling of Exceptional Conditions
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-47934 suppress
Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934. NVD-CWE-Other
CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2021-22929 suppress
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. CWE-532 Insertion of Sensitive Information into Log File, CWE-312 Cleartext Storage of Sensitive Information
CVSSv2:
Base Score: LOW (3.6) Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2020-8276 suppress
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1.18.35 logged the timestamp of when the user last opened an incognito window, including Tor windows. The intended behavior was to log the timestamp for incognito windows excluding Tor windows. Note that if a user has P3A enabled, the timestamp is not sent to Brave's server, but rather a value from:Used in last 24hUsed in last week but not 24hUsed in last 28 days but not weekEver used but not in last 28 daysNever usedThe privacy risk is low because a local attacker with disk access cannot tell if the timestamp corresponds to a Tor window or a non-Tor incognito window. CWE-312 Cleartext Storage of Sensitive Information
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-30334 suppress
Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser." CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2023-28360 suppress
An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user. NVD-CWE-Other, CWE-223 Omission of Security-relevant Information
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
mockito-core-5.7.0.jar mockito-junit-jupiter-5.7.0.jar module-search-index.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/module-search-index.jsMD5: a33da0f469acbd03f77bf407bac505f5SHA1: 1e996ce630c6e1ada3ea86d7b71dabca0180f8e8SHA256: 814a05983e3267d591c7e62b314eb8eb0504eee844c8a70d494f6edbaa0f4f18Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
mongock-api-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-api/4.3.8/695784ef5c4f1d592b52e2c2413a41cb4680ced4/mongock-api-4.3.8.jarMD5: 69e6c09b4bb392061562e218d2057f32SHA1: 695784ef5c4f1d592b52e2c2413a41cb4680ced4SHA256: da2a5ea6855e9273e6d4d965074bde6bd2c6b4b33b5966cded7ef91e460cf1cbReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-api-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-api High Vendor gradle artifactid mongock-api Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name api Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor pom artifactid mongock-api Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid mongock-core Low Product file name mongock-api High Product gradle artifactid mongock-api Highest Product jar package name api Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product pom artifactid mongock-api Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid mongock-core Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-driver-api-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-driver-api/4.3.8/f564f2a1bb806fc3accda2031a0313eea56146b1/mongock-driver-api-4.3.8.jarMD5: a15c3a9e75f62b38aa643e38cb28221aSHA1: f564f2a1bb806fc3accda2031a0313eea56146b1SHA256: 43520a4f9b238cf746bea6eaded2cb6b69d0cff0631c6c54083c0f7883015379Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-driver-api-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-driver-api High Vendor gradle artifactid mongock-driver-api Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name driver Highest Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor pom artifactid mongock-driver-api Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid mongock-driver Low Product file name mongock-driver-api High Product gradle artifactid mongock-driver-api Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name driver Highest Product jar package name driver Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product pom artifactid mongock-driver-api Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid mongock-driver Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-driver-core-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-driver-core/4.3.8/504f4cf0b746d91f7b7f7a80695684610e4fbce4/mongock-driver-core-4.3.8.jarMD5: 87dce003a8c0155832cf6687a73df3cdSHA1: 504f4cf0b746d91f7b7f7a80695684610e4fbce4SHA256: 2b1cdd9a6eaf9306ead96593b4805867f56150797f80780e151b4166fb2756b0Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-driver-core-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-driver-core High Vendor gradle artifactid mongock-driver-core Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name driver Highest Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor pom artifactid mongock-driver-core Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid mongock-driver Low Product file name mongock-driver-core High Product gradle artifactid mongock-driver-core Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name driver Highest Product jar package name driver Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product pom artifactid mongock-driver-core Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid mongock-driver Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-runner-core-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-runner-core/4.3.8/69fc6839fa2424f426f40ad72bbb551315388e94/mongock-runner-core-4.3.8.jarMD5: 7872ca6d9385098c4261570b5d1fdec5SHA1: 69fc6839fa2424f426f40ad72bbb551315388e94SHA256: b214097f5732cf185b602aee28c35ffdd11c15eeb3c6894bbef24d0f32fb6009Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-runner-core-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-runner-core High Vendor gradle artifactid mongock-runner-core Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor jar package name runner Highest Vendor pom artifactid mongock-runner-core Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid mongock-runner Low Product file name mongock-runner-core High Product gradle artifactid mongock-runner-core Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product jar package name runner Highest Product jar package name runner Low Product pom artifactid mongock-runner-core Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid mongock-runner Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-spring-runner-util-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-spring-runner-util/4.3.8/1d3391c824f7c7b28717cb2dd0f9ad62fd4cebe1/mongock-spring-runner-util-4.3.8.jarMD5: 90def07c6759787d04322149e0454dabSHA1: 1d3391c824f7c7b28717cb2dd0f9ad62fd4cebe1SHA256: 616498f88d8a4bb5d97bd2cc322cea9bbe2928a2cc719960ef59330786d377b8Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-spring-runner-util-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-spring-runner-util High Vendor gradle artifactid mongock-spring-runner-util Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name spring Highest Vendor jar package name spring Low Vendor jar package name util Highest Vendor pom artifactid mongock-spring-runner-util Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid spring-runners Low Product file name mongock-spring-runner-util High Product gradle artifactid mongock-spring-runner-util Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name github Highest Product jar package name spring Highest Product jar package name spring Low Product jar package name util Highest Product jar package name util Low Product pom artifactid mongock-spring-runner-util Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid spring-runners Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-spring-v5-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-spring-v5/4.3.8/60b620df74f3a8c37cff7c3f8d3f7dfefeee1778/mongock-spring-v5-4.3.8.jarMD5: beb82d6f7545760a26b2694ab89a6c3aSHA1: 60b620df74f3a8c37cff7c3f8d3f7dfefeee1778SHA256: f9f74213c061e32dfaaf8c2c22f9b2bff17ff813ae7661cd286e7e322b531a96Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-spring-v5-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name mongock-spring-v5 High Vendor gradle artifactid mongock-spring-v5 Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name spring Highest Vendor jar package name spring Low Vendor jar package name v5 Highest Vendor pom artifactid mongock-spring-v5 Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid spring-runners Low Product file name mongock-spring-v5 High Product gradle artifactid mongock-spring-v5 Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name github Highest Product jar package name spring Highest Product jar package name spring Low Product jar package name v5 Highest Product jar package name v5 Low Product pom artifactid mongock-spring-v5 Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid spring-runners Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongock-utils-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongock-utils/4.3.8/3162d4f5ce47e09bacb3396f32999257cec30e04/mongock-utils-4.3.8.jarMD5: dabf836fad7f4209a8b1182e41dfabe5SHA1: 3162d4f5ce47e09bacb3396f32999257cec30e04SHA256: bc2b6928e6253cf63b6baabc9e3b8c7e7650f08587780d06c8d6b97ac469c750Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongock-utils-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongock-utils High Vendor gradle artifactid mongock-utils Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor jar package name utils Highest Vendor pom artifactid mongock-utils Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom parent-artifactid mongock-core Low Product file name mongock-utils High Product gradle artifactid mongock-utils Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product jar package name utils Highest Product jar package name utils Low Product pom artifactid mongock-utils Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom parent-artifactid mongock-core Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
mongodb-driver-core-4.11.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.mongodb/mongodb-driver-core/4.11.1/ff92549ef5bdfbc451edeb23dd42ee395223d6e4/mongodb-driver-core-4.11.1.jarMD5: 1e4e9dca97fb11918af2b3bd5bf1d99fSHA1: ff92549ef5bdfbc451edeb23dd42ee395223d6e4SHA256: d5e1ebd29a81d8ed3f9fb6798016a1e613a2214446ea83a53c0b497e9e9248c6Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongodb-driver-core-4.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name mongodb-driver-core High Vendor gradle artifactid mongodb-driver-core Highest Vendor gradle groupid org.mongodb Highest Vendor jar package name mongodb Highest Vendor jar package name mongodb Low Vendor Manifest automatic-module-name org.mongodb.driver.core Medium Vendor Manifest bundle-symbolicname org.mongodb.driver-core Medium Product file name mongodb-driver-core High Product gradle artifactid mongodb-driver-core Highest Product jar package name mongodb Highest Product Manifest automatic-module-name org.mongodb.driver.core Medium Product Manifest Bundle-Name mongodb-driver-core Medium Product Manifest bundle-symbolicname org.mongodb.driver-core Medium Version file name mongodb-driver-core Medium Version file version 4.11.1 High Version gradle version 4.11.1 Highest Version Manifest build-version 4.11.1 Medium Version Manifest Bundle-Version 4.11.1 High
mongodb-driver-sync-4.11.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.mongodb/mongodb-driver-sync/4.11.1/745dd8183b5f89e6211db8c1acdf30cc44447759/mongodb-driver-sync-4.11.1.jarMD5: 3a6bd2e6768a9626a2210f2e28cc47efSHA1: 745dd8183b5f89e6211db8c1acdf30cc44447759SHA256: ba95adc915c8b0745abb0c1b05b42c5a7591088b17e142e6fc7b8ff8da551fb7Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongodb-driver-sync-4.11.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name mongodb-driver-sync High Vendor gradle artifactid mongodb-driver-sync Highest Vendor gradle groupid org.mongodb Highest Vendor jar package name client Highest Vendor jar package name client Low Vendor jar package name internal Low Vendor jar package name mongodb Highest Vendor jar package name mongodb Low Vendor Manifest automatic-module-name org.mongodb.driver.sync.client Medium Vendor Manifest bundle-symbolicname org.mongodb.driver-sync Medium Product file name mongodb-driver-sync High Product gradle artifactid mongodb-driver-sync Highest Product jar package name client Highest Product jar package name client Low Product jar package name internal Low Product jar package name mongodb Highest Product Manifest automatic-module-name org.mongodb.driver.sync.client Medium Product Manifest Bundle-Name mongodb-driver-sync Medium Product Manifest bundle-symbolicname org.mongodb.driver-sync Medium Version file name mongodb-driver-sync Medium Version file version 4.11.1 High Version gradle version 4.11.1 Highest Version Manifest build-version 4.11.1 Medium Version Manifest Bundle-Version 4.11.1 High
mongodb-springdata-v3-driver-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver/4.3.8/b85b0484f53e0f447a7ce2d57252b26c29587440/mongodb-springdata-v3-driver-4.3.8.jarMD5: 7b177938bf65cbd6e161f71a27b6c0c3SHA1: b85b0484f53e0f447a7ce2d57252b26c29587440SHA256: 2076bebc8379f419cc5001fb18b3578360da6aa5b943fe39de2d56e8526c0c36Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongodb-springdata-v3-driver-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name mongodb-springdata-v3-driver High Vendor gradle artifactid mongodb-springdata-v3-driver Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name driver Highest Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor pom artifactid mongodb-springdata-v3-driver Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom name Mongock(MongoDB) Driver Spring-data v3.0 () High Vendor pom parent-artifactid mongock Low Product file name mongodb-springdata-v3-driver High Product gradle artifactid mongodb-springdata-v3-driver Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name driver Highest Product jar package name driver Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product pom artifactid mongodb-springdata-v3-driver Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom name Mongock(MongoDB) Driver Spring-data v3.0 () High Product pom parent-artifactid mongock Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
CVE-2014-8180 suppress
MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service. CWE-287 Improper Authentication
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
mongodb-sync-v4-driver-4.3.8.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.github.cloudyrock.mongock/mongodb-sync-v4-driver/4.3.8/a1f2646e23e56e783896204bdc31397345e4ecdc/mongodb-sync-v4-driver-4.3.8.jarMD5: 9c8562e42b9300d3172b85903f4ddadcSHA1: a1f2646e23e56e783896204bdc31397345e4ecdcSHA256: bff504dbd908fb8b28f38d8958e1291fc27308c2b249cf31ac698781cf39a4beReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mongodb-sync-v4-driver-4.3.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongodb-springdata-v3-driver@4.3.8 Evidence Type Source Name Value Confidence Vendor file name mongodb-sync-v4-driver High Vendor gradle artifactid mongodb-sync-v4-driver Highest Vendor gradle groupid com.github.cloudyrock.mongock Highest Vendor jar package name cloudyrock Highest Vendor jar package name cloudyrock Low Vendor jar package name driver Highest Vendor jar package name github Highest Vendor jar package name github Low Vendor jar package name mongock Highest Vendor jar package name mongock Low Vendor pom artifactid mongodb-sync-v4-driver Low Vendor pom groupid com.github.cloudyrock.mongock Highest Vendor pom name Mongock(MongoDB) Driver mongodb-sync v4.0 () High Vendor pom parent-artifactid mongock Low Product file name mongodb-sync-v4-driver High Product gradle artifactid mongodb-sync-v4-driver Highest Product jar package name cloudyrock Highest Product jar package name cloudyrock Low Product jar package name driver Highest Product jar package name driver Low Product jar package name github Highest Product jar package name mongock Highest Product jar package name mongock Low Product pom artifactid mongodb-sync-v4-driver Highest Product pom groupid com.github.cloudyrock.mongock Highest Product pom name Mongock(MongoDB) Driver mongodb-sync v4.0 () High Product pom parent-artifactid mongock Medium Version file version 4.3.8 High Version gradle version 4.3.8 Highest Version pom version 4.3.8 Highest
CVE-2014-8180 suppress
MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service. CWE-287 Improper Authentication
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
mxparser-1.2.2.jarDescription:
MXParser is a fork of xpp3_min 1.1.7 containing only the parser with merged changes of the Plexus fork.
License:
Indiana University Extreme! Lab Software License: https://raw.githubusercontent.com/x-stream/mxparser/master/LICENSE.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.x-stream/mxparser/1.2.2/476fb3b3bb3716cad797cd054ce45f89445794e9/mxparser-1.2.2.jar
MD5: 9d7e42409dfdcee9bd17903015bdeae2
SHA1: 476fb3b3bb3716cad797cd054ce45f89445794e9
SHA256: aeeee23a3303d811bca8790ea7f25b534314861c03cff36dafdcc2180969eb97
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath mxparser-1.2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name mxparser High Vendor gradle artifactid mxparser Highest Vendor gradle groupid io.github.x-stream Highest Vendor jar package name github Highest Vendor jar package name io Highest Vendor jar package name mxparser Highest Vendor jar package name xstream Highest Vendor Manifest automatic-module-name io.github.xstream.mxparser Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname mxparser Medium Vendor Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Vendor Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Vendor Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Vendor Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Vendor Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Vendor Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Vendor Manifest x-build-os Linux Low Vendor Manifest x-build-time 2021-08-18T22:35:34Z Low Vendor Manifest x-builder Maven 3.8.1 Low Vendor Manifest x-compile-source 1.4 Low Vendor Manifest x-compile-target 1.4 Low Vendor pom artifactid mxparser Low Vendor pom developer id mxparser Medium Vendor pom developer name XStream Committers Medium Vendor pom groupid io.github.x-stream Highest Vendor pom name MXParser High Vendor pom url http://x-stream.github.io/mxparser Highest Product file name mxparser High Product gradle artifactid mxparser Highest Product jar package name github Highest Product jar package name io Highest Product jar package name mxparser Highest Product jar package name xstream Highest Product Manifest automatic-module-name io.github.xstream.mxparser Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name MXParser Medium Product Manifest bundle-symbolicname mxparser Medium Product Manifest Implementation-Title MXParser High Product Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Product Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Product Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Product Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Product Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Product Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Product Manifest specification-title MXParser Medium Product Manifest x-build-os Linux Low Product Manifest x-build-time 2021-08-18T22:35:34Z Low Product Manifest x-builder Maven 3.8.1 Low Product Manifest x-compile-source 1.4 Low Product Manifest x-compile-target 1.4 Low Product pom artifactid mxparser Highest Product pom developer id mxparser Low Product pom developer name XStream Committers Low Product pom groupid io.github.x-stream Highest Product pom name MXParser High Product pom url http://x-stream.github.io/mxparser Medium Version file version 1.2.2 High Version gradle version 1.2.2 Highest Version Manifest Bundle-Version 1.2.2 High Version Manifest Implementation-Version 1.2.2 High Version pom version 1.2.2 Highest
nats-spring-0.5.7.jarDescription:
NATS Implementation for Spring File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.nats/nats-spring/0.5.7/ffe462293ff4a7b07eded1c32e3b03ea711958dd/nats-spring-0.5.7.jarMD5: 04033276a5a65a3858319ea3917d265aSHA1: ffe462293ff4a7b07eded1c32e3b03ea711958ddSHA256: e98b60944b7b8d648a59ce069914fd22afdd61f271a75965dd4d355693917d90Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath nats-spring-0.5.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name nats-spring High Vendor gradle artifactid nats-spring Highest Vendor gradle groupid io.nats Highest Vendor jar package name io Highest Vendor jar package name nats Highest Vendor jar package name spring Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor CNCF High Vendor pom artifactid nats-spring Low Vendor pom groupid io.nats Highest Vendor pom organization name CNCF High Vendor pom organization url https://www.nats.io Medium Vendor pom parent-artifactid nats-spring-parent Low Product file name nats-spring High Product gradle artifactid nats-spring Highest Product jar package name io Highest Product jar package name nats Highest Product jar package name spring Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title nats-spring High Product pom artifactid nats-spring Highest Product pom groupid io.nats Highest Product pom organization name CNCF Low Product pom organization url https://www.nats.io Low Product pom parent-artifactid nats-spring-parent Medium Version file version 0.5.7 High Version gradle version 0.5.7 Highest Version Manifest Implementation-Version 0.5.7 High Version pom version 0.5.7 Highest
netflix-eventbus-0.3.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.netflix-commons/netflix-eventbus/0.3.0/3f864adbe81f0849729fcbba3fe693c32be739ea/netflix-eventbus-0.3.0.jarMD5: 8ad05394a13f658a67d1e4cbf0359402SHA1: 3f864adbe81f0849729fcbba3fe693c32be739eaSHA256: 387bce0906f22c285ed96bcc520a7581d6abbc418b6c3c1e45a4530eb97d94b1Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath netflix-eventbus-0.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name netflix-eventbus High Vendor gradle artifactid netflix-eventbus Highest Vendor gradle groupid com.netflix.netflix-commons Highest Vendor jar package name eventbus Low Vendor jar package name impl Low Vendor jar package name netflix Low Vendor Manifest build-date 2015-12-03_13:42:40 Low Vendor Manifest build-host https://netflixoss.ci.cloudbees.com/ Low Vendor Manifest build-job NetflixOSS/netflix-commons/netflix-commons-release Low Vendor Manifest build-number 2 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 63f9067 Low Vendor Manifest module-email talent@netflix.com Low Vendor Manifest module-origin Netflix/netflix-commons.git Low Vendor Manifest module-owner talent@netflix.com Low Vendor Manifest module-source /netflix-eventbus Low Product file name netflix-eventbus High Product gradle artifactid netflix-eventbus Highest Product jar package name eventbus Highest Product jar package name eventbus Low Product jar package name impl Low Product jar package name netflix Highest Product Manifest build-date 2015-12-03_13:42:40 Low Product Manifest build-host https://netflixoss.ci.cloudbees.com/ Low Product Manifest build-job NetflixOSS/netflix-commons/netflix-commons-release Low Product Manifest build-number 2 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 63f9067 Low Product Manifest Implementation-Title com.netflix.netflix-commons#netflix-eventbus;0.3.0 High Product Manifest module-email talent@netflix.com Low Product Manifest module-origin Netflix/netflix-commons.git Low Product Manifest module-owner talent@netflix.com Low Product Manifest module-source /netflix-eventbus Low Version file version 0.3.0 High Version Manifest Implementation-Version 0.3.0 High
netflix-infix-0.3.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.netflix-commons/netflix-infix/0.3.0/acc65969f7367ddd2f1265e0cd7330509ed530dc/netflix-infix-0.3.0.jarMD5: 3410072887ca26fc0b7e71a7e91f8e2bSHA1: acc65969f7367ddd2f1265e0cd7330509ed530dcSHA256: 7dec45215c262c4f0a42c1f3adb8613788cf43c6ed21274e15c73ea5500d2597Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath netflix-infix-0.3.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name netflix-infix High Vendor gradle artifactid netflix-infix Highest Vendor gradle groupid com.netflix.netflix-commons Highest Vendor jar package name infix Low Vendor jar package name lang Low Vendor jar package name netflix Low Vendor Manifest build-date 2015-12-03_13:42:40 Low Vendor Manifest build-host https://netflixoss.ci.cloudbees.com/ Low Vendor Manifest build-job NetflixOSS/netflix-commons/netflix-commons-release Low Vendor Manifest build-number 2 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 63f9067 Low Vendor Manifest module-email talent@netflix.com Low Vendor Manifest module-origin Netflix/netflix-commons.git Low Vendor Manifest module-owner talent@netflix.com Low Vendor Manifest module-source /netflix-infix Low Product file name netflix-infix High Product gradle artifactid netflix-infix Highest Product jar package name infix Highest Product jar package name infix Low Product jar package name lang Low Product jar package name netflix Highest Product Manifest build-date 2015-12-03_13:42:40 Low Product Manifest build-host https://netflixoss.ci.cloudbees.com/ Low Product Manifest build-job NetflixOSS/netflix-commons/netflix-commons-release Low Product Manifest build-number 2 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 63f9067 Low Product Manifest Implementation-Title com.netflix.netflix-commons#netflix-infix;0.3.0 High Product Manifest module-email talent@netflix.com Low Product Manifest module-origin Netflix/netflix-commons.git Low Product Manifest module-owner talent@netflix.com Low Product Manifest module-source /netflix-infix Low Version file version 0.3.0 High Version Manifest Implementation-Version 0.3.0 High
netty-buffer-4.1.107.Final.jar netty-codec-4.1.107.Final.jar netty-codec-dns-4.1.107.Final.jar netty-codec-http-4.1.107.Final.jarDescription:
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.netty/netty-codec-http/4.1.107.Final/4d8e9e51b7254bd26a42fe17bdcae32e4c6ebb3/netty-codec-http-4.1.107.Final.jar
MD5: 1be0033e1382e6cd0920131a8e23074b
SHA1: 04d8e9e51b7254bd26a42fe17bdcae32e4c6ebb3
SHA256: 0f35f57ecc11e1227d0c65d65582adc1075474a30a8fd3cff0f6e9a66c9e2a74
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath netty-codec-http-4.1.107.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name netty-codec-http High Vendor gradle artifactid netty-codec-http Highest Vendor gradle groupid io.netty Highest Vendor jar package name codec Highest Vendor jar package name io Highest Vendor jar package name netty Highest Vendor Manifest automatic-module-name io.netty.codec.http Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://netty.io/ Low Vendor Manifest bundle-symbolicname io.netty.codec-http Medium Vendor Manifest implementation-url https://netty.io/netty-codec-http/ Low Vendor Manifest Implementation-Vendor The Netty Project High Vendor Manifest Implementation-Vendor-Id io.netty Medium Vendor Manifest specification-vendor The Netty Project Low Vendor pom artifactid netty-codec-http Low Vendor pom groupid io.netty Highest Vendor pom name Netty/Codec/HTTP High Vendor pom parent-artifactid netty-parent Low Product file name netty-codec-http High Product gradle artifactid netty-codec-http Highest Product jar package name codec Highest Product jar package name io Highest Product jar package name netty Highest Product Manifest automatic-module-name io.netty.codec.http Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://netty.io/ Low Product Manifest Bundle-Name Netty/Codec/HTTP Medium Product Manifest bundle-symbolicname io.netty.codec-http Medium Product Manifest Implementation-Title Netty/Codec/HTTP High Product Manifest implementation-url https://netty.io/netty-codec-http/ Low Product Manifest specification-title Netty/Codec/HTTP Medium Product pom artifactid netty-codec-http Highest Product pom groupid io.netty Highest Product pom name Netty/Codec/HTTP High Product pom parent-artifactid netty-parent Medium Version gradle version 4.1.107.Final Highest Version Manifest Bundle-Version 4.1.107.Final High Version Manifest Implementation-Version 4.1.107.Final High Version pom version 4.1.107.Final Highest
CVE-2024-29025 (OSSINDEX) suppress
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29025 for details CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: MEDIUM (5.300000190734863) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:io.netty:netty-codec-http:4.1.107.Final:*:*:*:*:*:*:* netty-codec-http2-4.1.107.Final.jar netty-codec-socks-4.1.107.Final.jar netty-common-4.1.107.Final.jar (shaded: org.jctools:jctools-core:3.1.0)Description:
Java Concurrency Tools Core Library License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.107.Final/4f17a547530d64becd7179507b25f4154bcfba57/netty-common-4.1.107.Final.jar/META-INF/maven/org.jctools/jctools-core/pom.xml
MD5: 08e7326c64d7fd6ae4ea32e7eb4e5b79
SHA1: 9deceaba814dea198202b04fe0eec0d2dbf69ea9
SHA256: acaf1b4c366f6794a734288a2c003f16af90a9c479cf4d7daade689764e4fb47
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid jctools-core Low Vendor pom groupid org.jctools Highest Vendor pom name Java Concurrency Tools Core Library High Vendor pom url JCTools Highest Product pom artifactid jctools-core Highest Product pom groupid org.jctools Highest Product pom name Java Concurrency Tools Core Library High Product pom url JCTools High Version pom version 3.1.0 Highest
netty-common-4.1.107.Final.jar netty-handler-4.1.107.Final.jar netty-handler-proxy-4.1.107.Final.jar netty-resolver-4.1.107.Final.jar netty-resolver-dns-4.1.107.Final.jar netty-resolver-dns-classes-macos-4.1.107.Final.jar netty-resolver-dns-native-macos-4.1.107.Final-osx-x86_64.jar netty-tcnative-boringssl-static-2.0.61.Final.jar netty-tcnative-classes-2.0.61.Final.jar netty-transport-4.1.107.Final.jar netty-transport-classes-epoll-4.1.107.Final.jar netty-transport-native-epoll-4.1.107.Final-linux-x86_64.jar netty-transport-native-unix-common-4.1.107.Final.jar objenesis-3.3.jar opencdx-client-0.1.20240501165702-plain.jarFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-client/build/libs/opencdx-client-0.1.20240501165702-plain.jarMD5: 1f24152033d52cdc3291193ea01b3565SHA1: b84a81ad5bc48de92c00a472e01b6f41d4b364eaSHA256: db90436f197e17aae7091389f580574dc53a86a7d13b8e3958c4f2d962590adeReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath opencdx-client-0.1.20240501165702-plain.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name opencdx-client High Vendor gradle artifactid opencdx-client Highest Vendor gradle groupid cdx.opencdx Highest Vendor jar package name cdx Low Vendor jar package name client Low Vendor jar package name opencdx Low Product file name opencdx-client High Product gradle artifactid opencdx-client Highest Product jar package name client Low Product jar package name opencdx Low Product jar package name service Low Version file name opencdx-client Medium Version file version 0.1.20240501165702 High Version gradle version 0.1.20240501165702 Highest
opencdx-commons-0.1.20240501165702-plain.jarFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-commons/build/libs/opencdx-commons-0.1.20240501165702-plain.jarMD5: c0d53df85b15823d9cca8b4f82a4621bSHA1: 5b7b059c3c009a1a7d0fbdecb46bcd409cb90b68SHA256: 7e049b27a60f2785ce158e9723f65d9c161b8cc6b19cfe1673bb18f731b36749Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-helloworld:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-communications:runtimeClasspath opencdx-helloworld:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-communications:compileClasspath opencdx-commons-0.1.20240501165702-plain.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name opencdx-commons High Vendor gradle artifactid opencdx-commons Highest Vendor gradle groupid cdx.opencdx Highest Vendor jar package name cdx Low Vendor jar package name commons Low Vendor jar package name opencdx Low Product file name opencdx-commons High Product gradle artifactid opencdx-commons Highest Product jar package name commons Low Product jar package name opencdx Low Version file name opencdx-commons Medium Version file version 0.1.20240501165702 High Version gradle version 0.1.20240501165702 Highest
opencdx-proto-0.1.20240501165702-plain.jarFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-proto/build/libs/opencdx-proto-0.1.20240501165702-plain.jarMD5: 4387d0d569be9d51bb2ba352a88c0b23SHA1: 148d9bb0436f97b4b2756e4717edfb76c15bcdd3SHA256: 0a942a9917a5616df034349627b91a1c5fbecffbb776b4f14c345ad57400cc3bReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath opencdx-proto-0.1.20240501165702-plain.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name opencdx-proto High Vendor gradle artifactid opencdx-proto Highest Vendor gradle groupid cdx.opencdx Highest Vendor jar package name cdx Low Vendor jar package name grpc Low Vendor jar package name opencdx Low Product file name opencdx-proto High Product gradle artifactid opencdx-proto Highest Product jar package name grpc Low Product jar package name opencdx Low Product jar package name service Low Version file name opencdx-proto Medium Version file version 0.1.20240501165702 High Version gradle version 0.1.20240501165702 Highest
CVE-2017-7860 suppress
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2017-7861 suppress
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2017-8359 suppress
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2017-9431 suppress
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c. CWE-787 Out-of-bounds Write
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2020-7768 suppress
The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition. CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2023-33953 suppress
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/��Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0���s can be added at the start of an integer. gRPC���s hpack parser needed to read all of them before concluding a parse.
- gRPC���s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc��� CWE-789 Memory Allocation with Excessive Size Value, CWE-834 Excessive Iteration, CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2023-44487 suppress
CISA Known Exploited Vulnerability: Product: IETF HTTP/2 Name: HTTP/2 Rapid Reset Attack Vulnerability Date Added: 2023-10-10 Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2023-10-31 Notes: https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PATCH,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,PRESS/MEDIA_COVERAGE cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,THIRD_PARTY_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - ISSUE_TRACKING,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,PATCH,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MAILING_LIST,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,PATCH,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - MITIGATION,VENDOR_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,THIRD_PARTY_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PATCH,VENDOR_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRESS/MEDIA_COVERAGE,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,THIRD_PARTY_ADVISORY cve@mitre.org - PRODUCT,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,THIRD_PARTY_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - RELEASE_NOTES,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,THIRD_PARTY_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - TECHNICAL_DESCRIPTION,VENDOR_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,US_GOVERNMENT_RESOURCE cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
CVE-2023-32732 suppress
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in�� https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
NVD-CWE-Other, CWE-440 Expected Behavior Violation
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
opentest4j-1.3.0.jar org.eclipse.jgit-6.6.1.202309021850-r.jarDescription:
Repository access and algorithms
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.eclipse.jgit/org.eclipse.jgit/6.6.1.202309021850-r/4144dfe73e0ae5751f64972d84b6100a53c05ee/org.eclipse.jgit-6.6.1.202309021850-r.jarMD5: 5081e9662b2e83dc9ee89c5214522a48SHA1: 04144dfe73e0ae5751f64972d84b6100a53c05eeSHA256: bb9bb14a7dd480cc119b94d6e6d01fd15ab353be62dcdd88a7e7ff7baba575b0Referenced In Projects/Scopes:
opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath org.eclipse.jgit-6.6.1.202309021850-r.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name org.eclipse.jgit High Vendor gradle artifactid org.eclipse.jgit Highest Vendor gradle groupid org.eclipse.jgit Highest Vendor jar package name eclipse Highest Vendor jar package name jgit Highest Vendor jar package name repository Highest Vendor Manifest automatic-module-name org.eclipse.jgit Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-localization plugin Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Vendor Manifest bundle-symbolicname org.eclipse.jgit Medium Vendor Manifest eclipse-extensibleapi true Low Vendor Manifest Implementation-Vendor Eclipse.org - JGit High Vendor Manifest Implementation-Vendor-Id org.eclipse.jgit Medium Vendor Manifest implementation-vendor-url https://www.eclipse.org/jgit/ Medium Vendor pom artifactid eclipse.jgit Low Vendor pom groupid org.eclipse.jgit Highest Vendor pom name JGit - Core High Vendor pom parent-artifactid org.eclipse.jgit-parent Low Product file name org.eclipse.jgit High Product gradle artifactid org.eclipse.jgit Highest Product jar package name eclipse Highest Product jar package name jgit Highest Product jar package name repository Highest Product Manifest automatic-module-name org.eclipse.jgit Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-localization plugin Low Product Manifest Bundle-Name %Bundle-Name Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Product Manifest bundle-symbolicname org.eclipse.jgit Medium Product Manifest eclipse-extensibleapi true Low Product Manifest Implementation-Title JGit org.eclipse.jgit High Product pom artifactid eclipse.jgit Highest Product pom groupid org.eclipse.jgit Highest Product pom name JGit - Core High Product pom parent-artifactid org.eclipse.jgit-parent Medium Version gradle version 6.6.1.202309021850-r Highest Version Manifest Bundle-Version 6.6.1.202309021850-r High Version Manifest Implementation-Version 6.6.1.202309021850-r High Version pom version 6.6.1.202309021850-r Highest
org.eclipse.jgit.http.apache-6.6.1.202309021850-r.jarDescription:
Apache httpclient based HTTP support
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.eclipse.jgit/org.eclipse.jgit.http.apache/6.6.1.202309021850-r/73230965ceee4d9382021ba37d99e4720b1998ba/org.eclipse.jgit.http.apache-6.6.1.202309021850-r.jarMD5: c9b7ceabcfc3cfca14709667dd8ec121SHA1: 73230965ceee4d9382021ba37d99e4720b1998baSHA256: bfc418b5884221dd21856b9757fbbe9ddf945964efb0ef535d00bf67b1d413a8Referenced In Projects/Scopes:
opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath org.eclipse.jgit.http.apache-6.6.1.202309021850-r.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name org.eclipse.jgit.http.apache High Vendor gradle artifactid org.eclipse.jgit.http.apache Highest Vendor gradle groupid org.eclipse.jgit Highest Vendor jar package name eclipse Highest Vendor jar package name http Highest Vendor jar package name jgit Highest Vendor Manifest automatic-module-name org.eclipse.jgit.http.apache Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-localization plugin Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Vendor Manifest bundle-symbolicname org.eclipse.jgit.http.apache Medium Vendor Manifest Implementation-Vendor Eclipse.org - JGit High Vendor Manifest Implementation-Vendor-Id org.eclipse.jgit Medium Vendor Manifest implementation-vendor-url https://www.eclipse.org/jgit/ Medium Vendor pom artifactid eclipse.jgit.http.apache Low Vendor pom groupid org.eclipse.jgit Highest Vendor pom name JGit - Apache httpclient based HTTP support High Vendor pom parent-artifactid org.eclipse.jgit-parent Low Product file name org.eclipse.jgit.http.apache High Product gradle artifactid org.eclipse.jgit.http.apache Highest Product jar package name eclipse Highest Product jar package name http Highest Product jar package name jgit Highest Product Manifest automatic-module-name org.eclipse.jgit.http.apache Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-localization plugin Low Product Manifest Bundle-Name %Bundle-Name Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Product Manifest bundle-symbolicname org.eclipse.jgit.http.apache Medium Product Manifest Implementation-Title JGit org.eclipse.jgit.http.apache High Product pom artifactid eclipse.jgit.http.apache Highest Product pom groupid org.eclipse.jgit Highest Product pom name JGit - Apache httpclient based HTTP support High Product pom parent-artifactid org.eclipse.jgit-parent Medium Version gradle version 6.6.1.202309021850-r Highest Version Manifest Bundle-Version 6.6.1.202309021850-r High Version Manifest Implementation-Version 6.6.1.202309021850-r High Version pom version 6.6.1.202309021850-r Highest
org.eclipse.jgit.ssh.apache-6.6.1.202309021850-r.jarDescription:
SSH support for JGit based on Apache MINA sshd
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.eclipse.jgit/org.eclipse.jgit.ssh.apache/6.6.1.202309021850-r/aa61672a3f29e459325d1f375a5b0be2c8dbcf0c/org.eclipse.jgit.ssh.apache-6.6.1.202309021850-r.jarMD5: 158f70f23d7afc97fa73326bb9597c7bSHA1: aa61672a3f29e459325d1f375a5b0be2c8dbcf0cSHA256: cc379265edb2b74850156c16fefd7990281bf47e33fe7665e838f8b5fdb94755Referenced In Projects/Scopes:
opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath org.eclipse.jgit.ssh.apache-6.6.1.202309021850-r.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name org.eclipse.jgit.ssh.apache High Vendor gradle artifactid org.eclipse.jgit.ssh.apache Highest Vendor gradle groupid org.eclipse.jgit Highest Vendor jar package name eclipse Highest Vendor jar package name jgit Highest Vendor jar package name sshd Highest Vendor Manifest automatic-module-name org.eclipse.jgit.ssh.apache Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-localization plugin Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Vendor Manifest bundle-symbolicname org.eclipse.jgit.ssh.apache Medium Vendor Manifest Implementation-Vendor Eclipse.org - JGit High Vendor Manifest Implementation-Vendor-Id org.eclipse.jgit Medium Vendor Manifest implementation-vendor-url https://www.eclipse.org/jgit/ Medium Vendor pom artifactid eclipse.jgit.ssh.apache Low Vendor pom groupid org.eclipse.jgit Highest Vendor pom name JGit - Apache sshd-based SSH support High Vendor pom parent-artifactid org.eclipse.jgit-parent Low Product file name org.eclipse.jgit.ssh.apache High Product gradle artifactid org.eclipse.jgit.ssh.apache Highest Product jar package name eclipse Highest Product jar package name jgit Highest Product jar package name sshd Highest Product Manifest automatic-module-name org.eclipse.jgit.ssh.apache Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-localization plugin Low Product Manifest Bundle-Name %Bundle-Name Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Product Manifest bundle-symbolicname org.eclipse.jgit.ssh.apache Medium Product Manifest Implementation-Title JGit org.eclipse.jgit.ssh.apache High Product pom artifactid eclipse.jgit.ssh.apache Highest Product pom groupid org.eclipse.jgit Highest Product pom name JGit - Apache sshd-based SSH support High Product pom parent-artifactid org.eclipse.jgit-parent Medium Version gradle version 6.6.1.202309021850-r Highest Version Manifest Bundle-Version 6.6.1.202309021850-r High Version Manifest Implementation-Version 6.6.1.202309021850-r High Version pom version 6.6.1.202309021850-r Highest
org.hl7.fhir.r4-6.0.22.2.jarDescription:
An open-source implementation of the FHIR specification in Java. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ca.uhn.hapi.fhir/org.hl7.fhir.r4/6.0.22.2/640b1d3cf9f8b71f2ad0b00e80ea672da7e9f4dc/org.hl7.fhir.r4-6.0.22.2.jar
MD5: 13c47f2ee8a094b86f78a9ed9b789839
SHA1: 640b1d3cf9f8b71f2ad0b00e80ea672da7e9f4dc
SHA256: 946fba90b1473085c89915fcf840a81bf9ac4e3b6cc5bccc29c60c508b79ddf8
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath org.hl7.fhir.r4-6.0.22.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 Evidence Type Source Name Value Confidence Vendor file name org.hl7.fhir.r4 High Vendor gradle artifactid org.hl7.fhir.r4 Highest Vendor gradle groupid ca.uhn.hapi.fhir Highest Vendor jar package name fhir Highest Vendor jar package name hl7 Highest Vendor jar package name r4 Highest Vendor Manifest bundle-docurl http://hl7.org Low Vendor Manifest bundle-symbolicname ca.uhn.hapi.fhir.org.hl7.fhir.r4 Medium Vendor pom artifactid hl7.fhir.r4 Low Vendor pom groupid ca.uhn.hapi.fhir Highest Vendor pom parent-artifactid org.hl7.fhir.core Low Product file name org.hl7.fhir.r4 High Product gradle artifactid org.hl7.fhir.r4 Highest Product jar package name fhir Highest Product jar package name hl7 Highest Product jar package name r4 Highest Product Manifest bundle-docurl http://hl7.org Low Product Manifest Bundle-Name org.hl7.fhir.r4 Medium Product Manifest bundle-symbolicname ca.uhn.hapi.fhir.org.hl7.fhir.r4 Medium Product pom artifactid hl7.fhir.r4 Highest Product pom groupid ca.uhn.hapi.fhir Highest Product pom parent-artifactid org.hl7.fhir.core Medium Version file version 6.0.22.2 High Version gradle version 6.0.22.2 Highest Version Manifest Bundle-Version 6.0.22.2 High Version pom version 6.0.22.2 Highest
org.hl7.fhir.utilities-6.0.22.2.jarDescription:
An open-source implementation of the FHIR specification in Java. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/ca.uhn.hapi.fhir/org.hl7.fhir.utilities/6.0.22.2/ecce392d57f9f914e4d2c52e9e75cb71d56d1001/org.hl7.fhir.utilities-6.0.22.2.jar
MD5: 9bfe51c411cc16574e4b5743c575c029
SHA1: ecce392d57f9f914e4d2c52e9e75cb71d56d1001
SHA256: 623b4383642bba03d1bc9940ed4b54713ac5d5d0be85e6f3cbca2ee8ee68f4b7
Referenced In Projects/Scopes: opencdx-classification:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath org.hl7.fhir.utilities-6.0.22.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 pkg:maven/ca.uhn.hapi.fhir/hapi-fhir-structures-r4@6.8.7 Evidence Type Source Name Value Confidence Vendor file name org.hl7.fhir.utilities High Vendor gradle artifactid org.hl7.fhir.utilities Highest Vendor gradle groupid ca.uhn.hapi.fhir Highest Vendor jar package name fhir Highest Vendor jar package name hl7 Highest Vendor jar package name utilities Highest Vendor Manifest bundle-docurl http://hl7.org Low Vendor Manifest bundle-symbolicname ca.uhn.hapi.fhir.org.hl7.fhir.utilities Medium Vendor pom artifactid hl7.fhir.utilities Low Vendor pom groupid ca.uhn.hapi.fhir Highest Vendor pom parent-artifactid org.hl7.fhir.core Low Product file name org.hl7.fhir.utilities High Product gradle artifactid org.hl7.fhir.utilities Highest Product jar package name fhir Highest Product jar package name hl7 Highest Product jar package name utilities Highest Product Manifest bundle-docurl http://hl7.org Low Product Manifest Bundle-Name org.hl7.fhir.utilities Medium Product Manifest bundle-symbolicname ca.uhn.hapi.fhir.org.hl7.fhir.utilities Medium Product pom artifactid hl7.fhir.utilities Highest Product pom groupid ca.uhn.hapi.fhir Highest Product pom parent-artifactid org.hl7.fhir.core Medium Version file version 6.0.22.2 High Version gradle version 6.0.22.2 Highest Version Manifest Bundle-Version 6.0.22.2 High Version pom version 6.0.22.2 Highest
org.jacoco.agent-0.8.9.jarDescription:
JaCoCo Agent License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.9/9af6e948fe6611437a691c4052cc7ff59cfa9a87/org.jacoco.agent-0.8.9.jar
MD5: b09c7ffaede51aeb5f351b32ed942082
SHA1: 9af6e948fe6611437a691c4052cc7ff59cfa9a87
SHA256: c067e29a49063220e75215eff1bc234584ad002e747afdf13a69662be5b0e07d
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-iam:jacocoAgent opencdx-helloworld:jacocoAnt opencdx-audit:jacocoAgent opencdx-audit:jacocoAnt opencdx-health:jacocoAgent opencdx-gateway:jacocoAgent opencdx-gateway:jacocoAnt opencdx-admin:jacocoAgent opencdx-helloworld:jacocoAgent opencdx-tinkar:jacocoAgent opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-media:jacocoAgent opencdx-proto:jacocoAgent opencdx-classification:jacocoAgent opencdx-questionnaire:jacocoAgent OpenCDX:jacocoAnt opencdx-logistics:jacocoAgent opencdx-discovery:jacocoAgent opencdx-config:jacocoAgent opencdx-logistics:jacocoAnt OpenCDX:jacocoAgent opencdx-discovery:jacocoAnt opencdx-client:jacocoAgent opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-classification-analyzer:jacocoAgent opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt opencdx-communications:jacocoAgent opencdx-commons:jacocoAgent org.jacoco.agent-0.8.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.agent High Vendor gradle artifactid org.jacoco.agent Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name agent Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.agent Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.agent Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid jacoco.agent Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Agent High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.agent High Product gradle artifactid org.jacoco.agent Highest Product jar package name agent Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.agent Medium Product Manifest Bundle-Name JaCoCo Agent Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.agent Medium Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid jacoco.agent Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Agent High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.9 High Version gradle version 0.8.9 Highest Version pom version 0.8.9 Highest
org.jacoco.agent-0.8.9.jar: jacocoagent.jar (shaded: org.jacoco:org.jacoco.agent.rt:0.8.9)Description:
JaCoCo Java Agent File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.9/9af6e948fe6611437a691c4052cc7ff59cfa9a87/org.jacoco.agent-0.8.9.jar/jacocoagent.jar/META-INF/maven/org.jacoco/org.jacoco.agent.rt/pom.xmlMD5: 06f8be91bf1dee590f62342c16f4cb5eSHA1: b76c6513056458a597ff2fee17812306d1517b1dSHA256: d1e4d1e96612c192aa62af1e4fb053720b74b890d38b5cec03bc4a0fa62b58b2Referenced In Projects/Scopes:
opencdx-classification-analyzer:jacocoAnt opencdx-iam:jacocoAgent opencdx-helloworld:jacocoAnt opencdx-audit:jacocoAgent opencdx-audit:jacocoAnt opencdx-health:jacocoAgent opencdx-gateway:jacocoAgent opencdx-gateway:jacocoAnt opencdx-admin:jacocoAgent opencdx-helloworld:jacocoAgent opencdx-tinkar:jacocoAgent opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-media:jacocoAgent opencdx-proto:jacocoAgent opencdx-classification:jacocoAgent opencdx-questionnaire:jacocoAgent OpenCDX:jacocoAnt opencdx-logistics:jacocoAgent opencdx-discovery:jacocoAgent opencdx-config:jacocoAgent opencdx-logistics:jacocoAnt OpenCDX:jacocoAgent opencdx-discovery:jacocoAnt opencdx-client:jacocoAgent opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-classification-analyzer:jacocoAgent opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt opencdx-communications:jacocoAgent opencdx-commons:jacocoAgent Evidence Type Source Name Value Confidence Vendor pom artifactid jacoco.agent.rt Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Agent RT High Vendor pom parent-artifactid org.jacoco.build Low Product pom artifactid jacoco.agent.rt Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Agent RT High Product pom parent-artifactid org.jacoco.build Medium Version pom version 0.8.9 Highest
org.jacoco.agent-0.8.9.jar: jacocoagent.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.agent/0.8.9/9af6e948fe6611437a691c4052cc7ff59cfa9a87/org.jacoco.agent-0.8.9.jar/jacocoagent.jarMD5: e852c5e07bc13ffdc6a68303799f80adSHA1: ad836d1c585c7e1dbf5cf828efa34528d9700303SHA256: 191734a0b7ef97606e6a09ae584c4acab47eb30fcb4c555d3d440d4e0d71d73dReferenced In Projects/Scopes:
opencdx-classification-analyzer:jacocoAnt opencdx-iam:jacocoAgent opencdx-helloworld:jacocoAnt opencdx-audit:jacocoAgent opencdx-audit:jacocoAnt opencdx-health:jacocoAgent opencdx-gateway:jacocoAgent opencdx-gateway:jacocoAnt opencdx-admin:jacocoAgent opencdx-helloworld:jacocoAgent opencdx-tinkar:jacocoAgent opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-media:jacocoAgent opencdx-proto:jacocoAgent opencdx-classification:jacocoAgent opencdx-questionnaire:jacocoAgent OpenCDX:jacocoAnt opencdx-logistics:jacocoAgent opencdx-discovery:jacocoAgent opencdx-config:jacocoAgent opencdx-logistics:jacocoAnt OpenCDX:jacocoAgent opencdx-discovery:jacocoAnt opencdx-client:jacocoAgent opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-classification-analyzer:jacocoAgent opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt opencdx-communications:jacocoAgent opencdx-commons:jacocoAgent Evidence Type Source Name Value Confidence Vendor file name jacocoagent High Vendor jar package name agent Highest Vendor jar package name agent Low Vendor jar package name jacoco Highest Vendor jar package name jacoco Low Vendor jar package name rt Highest Vendor jar package name rt Low Vendor Manifest automatic-module-name org.jacoco.agent.rt Medium Vendor Manifest Implementation-Vendor Mountainminds GmbH & Co. KG High Product file name jacocoagent High Product jar package name agent Highest Product jar package name agent Low Product jar package name internal_4481564 Low Product jar package name jacoco Highest Product jar package name rt Highest Product jar package name rt Low Product Manifest automatic-module-name org.jacoco.agent.rt Medium Product Manifest Implementation-Title JaCoCo Java Agent High Version Manifest Implementation-Version 0.8.9 High
org.jacoco.ant-0.8.9.jarDescription:
JaCoCo Ant Tasks License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.ant/0.8.9/4b48634d95f05a435a4ad10d1c4d71d07bbf95a1/org.jacoco.ant-0.8.9.jar
MD5: d1fb6d2b6dda5d08ccb585310824e16a
SHA1: 4b48634d95f05a435a4ad10d1c4d71d07bbf95a1
SHA256: 5695ecd24f04c421b12a74f4b44042857b16eed0bc049ff38dd6dc40abca7bef
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt org.jacoco.ant-0.8.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.ant High Vendor gradle artifactid org.jacoco.ant Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name ant Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.ant Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.ant Medium Vendor Manifest require-bundle org.apache.ant;bundle-version="[1.7.0,2.0.0)" Low Vendor pom artifactid jacoco.ant Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Ant High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.ant High Product gradle artifactid org.jacoco.ant Highest Product jar package name ant Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.ant Medium Product Manifest Bundle-Name JaCoCo Ant Tasks Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.ant Medium Product Manifest require-bundle org.apache.ant;bundle-version="[1.7.0,2.0.0)" Low Product pom artifactid jacoco.ant Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Ant High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.9 High Version gradle version 0.8.9 Highest Version pom version 0.8.9 Highest
org.jacoco.core-0.8.9.jarDescription:
JaCoCo Core License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.core/0.8.9/60b6ad6c57a4822b571bec969ebe7182b7b43397/org.jacoco.core-0.8.9.jar
MD5: 2cdb1eae0b33f537d72bc39b0f3ae43a
SHA1: 60b6ad6c57a4822b571bec969ebe7182b7b43397
SHA256: a33e041dd97530ea57d6dde0e2635ea51680827d2dc0de372d3ccc45b51e68c7
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt org.jacoco.core-0.8.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.core High Vendor gradle artifactid org.jacoco.core Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name core Highest Vendor jar package name jacoco Highest Vendor Manifest automatic-module-name org.jacoco.core Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.core Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid jacoco.core Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Core High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.core High Product gradle artifactid org.jacoco.core Highest Product jar package name core Highest Product jar package name jacoco Highest Product Manifest automatic-module-name org.jacoco.core Medium Product Manifest Bundle-Name JaCoCo Core Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.core Medium Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid jacoco.core Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Core High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.9 High Version gradle version 0.8.9 Highest Version pom version 0.8.9 Highest
org.jacoco.report-0.8.9.jarDescription:
JaCoCo Report License:
https://www.eclipse.org/legal/epl-2.0/ File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.9/1d06d0cc1d25d32d519486b527f57c943cf87dca/org.jacoco.report-0.8.9.jar
MD5: 1c1b753d6cdde063e931f53ba147ed99
SHA1: 1d06d0cc1d25d32d519486b527f57c943cf87dca
SHA256: 0d36b87cdea59f98c8cf26367003b4735d5c3187411d4649ddfefdeed387b63e
Referenced In Projects/Scopes: opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt org.jacoco.report-0.8.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 pkg:maven/org.jacoco/org.jacoco.ant@0.8.9 Evidence Type Source Name Value Confidence Vendor file name org.jacoco.report High Vendor gradle artifactid org.jacoco.report Highest Vendor gradle groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor jar package name report Highest Vendor Manifest automatic-module-name org.jacoco.report Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.jacoco.report Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin Low Vendor pom artifactid jacoco.report Low Vendor pom groupid org.jacoco Highest Vendor pom name JaCoCo :: Report High Vendor pom parent-artifactid org.jacoco.build Low Product file name org.jacoco.report High Product gradle artifactid org.jacoco.report Highest Product jar package name jacoco Highest Product jar package name report Highest Product Manifest automatic-module-name org.jacoco.report Medium Product Manifest Bundle-Name JaCoCo Report Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.jacoco.report Medium Product Manifest originally-created-by Apache Maven Bundle Plugin Low Product pom artifactid jacoco.report Highest Product pom groupid org.jacoco Highest Product pom name JaCoCo :: Report High Product pom parent-artifactid org.jacoco.build Medium Version file version 0.8.9 High Version gradle version 0.8.9 Highest Version pom version 0.8.9 Highest
org.jacoco.report-0.8.9.jar: prettify.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.9/1d06d0cc1d25d32d519486b527f57c943cf87dca/org.jacoco.report-0.8.9.jar/org/jacoco/report/internal/html/resources/prettify.jsMD5: 4b337aaa3c606cfc1a6ff1986db2c8cbSHA1: 290093755739da933c180ae7e7ebf283724dad1dSHA256: 743c6c4cab9499cd0bfe18a5a62281eccce843f47ec75eedb32eeb29c755aa68Referenced In Projects/Scopes:
opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt Evidence Type Source Name Value Confidence
org.jacoco.report-0.8.9.jar: sort.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.jacoco/org.jacoco.report/0.8.9/1d06d0cc1d25d32d519486b527f57c943cf87dca/org.jacoco.report-0.8.9.jar/org/jacoco/report/internal/html/resources/sort.jsMD5: d101d06d26e7deaf2b224e0d2137509aSHA1: 2c715325b546adf5beff3d624ce002a7256e3efeSHA256: 7ff293dabc89d68e33d5611f2de0dbbbcfed7e0177726fab5f9dcc0b91f593afReferenced In Projects/Scopes:
opencdx-classification-analyzer:jacocoAnt opencdx-helloworld:jacocoAnt opencdx-logistics:jacocoAnt opencdx-audit:jacocoAnt opencdx-discovery:jacocoAnt opencdx-gateway:jacocoAnt opencdx-admin:jacocoAnt opencdx-media:jacocoAnt opencdx-questionnaire:jacocoAnt opencdx-iam:jacocoAnt opencdx-proto:jacocoAnt opencdx-tinkar:jacocoAnt opencdx-config:jacocoAnt opencdx-client:jacocoAnt opencdx-health:jacocoAnt opencdx-communications:jacocoAnt OpenCDX:jacocoAnt opencdx-classification:jacocoAnt opencdx-commons:jacocoAnt Evidence Type Source Name Value Confidence
osgi-resource-locator-1.0.3.jarDescription:
Used by various API providers that rely on META-INF/services mechanism to locate providers. License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2/osgi-resource-locator/1.0.3/de3b21279df7e755e38275137539be5e2c80dd58/osgi-resource-locator-1.0.3.jar
MD5: e7e82b82118c5387ae45f7bf3892909b
SHA1: de3b21279df7e755e38275137539be5e2c80dd58
SHA256: aab5d7849f7cfcda2cc7c541ba1bd365151d42276f151c825387245dfde3dd74
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath osgi-resource-locator-1.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name osgi-resource-locator High Vendor gradle artifactid osgi-resource-locator Highest Vendor gradle groupid org.glassfish.hk2 Highest Vendor jar package name glassfish Highest Vendor jar package name hk2 Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.osgi-resource-locator Medium Vendor pom artifactid osgi-resource-locator Low Vendor pom developer id ss141213 Medium Vendor pom developer name Sahoo Medium Vendor pom developer org Oracle Corporation Medium Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name OSGi resource locator High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Product file name osgi-resource-locator High Product gradle artifactid osgi-resource-locator Highest Product jar package name glassfish Highest Product jar package name hk2 Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name OSGi resource locator Medium Product Manifest bundle-symbolicname org.glassfish.hk2.osgi-resource-locator Medium Product pom artifactid osgi-resource-locator Highest Product pom developer id ss141213 Low Product pom developer name Sahoo Low Product pom developer org Oracle Corporation Low Product pom groupid org.glassfish.hk2 Highest Product pom name OSGi resource locator High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Version file version 1.0.3 High Version gradle version 1.0.3 Highest Version Manifest Bundle-Version 1.0.3 High Version pom parent-version 1.0.3 Low Version pom version 1.0.3 Highest
owasp-java-html-sanitizer-20240325.1.jarDescription:
Takes third-party HTML and produces HTML that is safe to embed in
your web application.
Fast and easy to configure.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer/20240325.1/9662c0ed30b5c7af9e5aeb67a88e624bbea73512/owasp-java-html-sanitizer-20240325.1.jar
MD5: f7b659dc35b080b0688cc0455160c375
SHA1: 9662c0ed30b5c7af9e5aeb67a88e624bbea73512
SHA256: f67d865cbd32d0ec7e2ee0ffa97f8b5c71e3f0f8e0a7e822254737c108f13579
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath owasp-java-html-sanitizer-20240325.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name owasp-java-html-sanitizer High Vendor gradle artifactid owasp-java-html-sanitizer Highest Vendor gradle groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor jar package name html Highest Vendor jar package name owasp Highest Vendor Manifest bundle-docurl https://owasp.org Low Vendor Manifest bundle-symbolicname com.googlecode.owasp-java-html-sanitizer Medium Vendor pom artifactid owasp-java-html-sanitizer Low Vendor pom groupid com.googlecode.owasp-java-html-sanitizer Highest Vendor pom name OWASP Java HTML Sanitizer High Vendor pom parent-artifactid parent Low Product file name owasp-java-html-sanitizer High Product gradle artifactid owasp-java-html-sanitizer Highest Product jar package name html Highest Product jar package name owasp Highest Product Manifest bundle-docurl https://owasp.org Low Product Manifest Bundle-Name OWASP Java HTML Sanitizer Medium Product Manifest bundle-symbolicname com.googlecode.owasp-java-html-sanitizer Medium Product pom artifactid owasp-java-html-sanitizer Highest Product pom groupid com.googlecode.owasp-java-html-sanitizer Highest Product pom name OWASP Java HTML Sanitizer High Product pom parent-artifactid parent Medium Version file version 20240325.1 High Version gradle version 20240325.1 Highest Version pom version 20240325.1 Highest
package-search-index.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/package-search-index.jsMD5: 9b5c4e7ba1c34238ed7b2bfdbbd7d798SHA1: 8bf1615579ea1911b3189b3468ac00fdc6ee180bSHA256: 43a64c449f0fa366e51bebb46a76b7013bf544beb63f914ffbec3b5fce76f825Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
palantir-java-format-2.38.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.palantir.javaformat/palantir-java-format/2.38.0/26fb748e97e0fe4f53b233fe97fdd5bea75942ce/palantir-java-format-2.38.0.jarMD5: 8f44568cdacd575eaf1953fc53d20b36SHA1: 26fb748e97e0fe4f53b233fe97fdd5bea75942ceSHA256: ac588bf23ad06515edf26cc4f33fc651288b8eedd3b2f5405c3e916a51357133Referenced In Projects/Scopes:
opencdx-health:spotless-511629411 opencdx-iam:spotless-511629411 opencdx-admin:spotless-511629411 opencdx-audit:spotless-511629411 opencdx-communications:spotless-511629411 OpenCDX:spotless-511629411 opencdx-gateway:spotless-511629411 opencdx-tinkar:spotless-511629411 opencdx-commons:spotless-511629411 opencdx-logistics:spotless-511629411 opencdx-client:spotless-511629411 opencdx-questionnaire:spotless-511629411 opencdx-config:spotless-511629411 opencdx-discovery:spotless-511629411 opencdx-media:spotless-511629411 opencdx-classification-analyzer:spotless-511629411 opencdx-proto:spotless-511629411 opencdx-helloworld:spotless-511629411 opencdx-classification:spotless-511629411 palantir-java-format-2.38.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/OpenCDX@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name palantir-java-format High Vendor gradle artifactid palantir-java-format Highest Vendor gradle groupid com.palantir.javaformat Highest Vendor jar package name javaformat Low Vendor jar package name palantir Low Vendor Manifest add-exports jdk.compiler/com.sun.tools.javac.file jdk.compiler/com.sun.tools.javac.main jdk.compiler/com.sun.tools.javac.parser jdk.compiler/com.sun.tools.javac.tree jdk.compiler/com.sun.tools.javac.util jdk.compiler/com.sun.tools.javac.code jdk.compiler/com.sun.tools.javac.api Low Product file name palantir-java-format High Product gradle artifactid palantir-java-format Highest Product jar package name javaformat Low Product jar package name main Highest Product Manifest add-exports jdk.compiler/com.sun.tools.javac.file jdk.compiler/com.sun.tools.javac.main jdk.compiler/com.sun.tools.javac.parser jdk.compiler/com.sun.tools.javac.tree jdk.compiler/com.sun.tools.javac.util jdk.compiler/com.sun.tools.javac.code jdk.compiler/com.sun.tools.javac.api Low Version file version 2.38.0 High Version Manifest Implementation-Version 2.38.0 High
palantir-java-format-spi-2.38.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.palantir.javaformat/palantir-java-format-spi/2.38.0/f32d7135d7ea80624354bae837004185f1be78a2/palantir-java-format-spi-2.38.0.jarMD5: 9fcc7bf47eac11964c5fa90a588ecbcdSHA1: f32d7135d7ea80624354bae837004185f1be78a2SHA256: 2829c35a111d8f25b8d51c67de7c18188d42fdd49650f6e4a36d8e454cd296dbReferenced In Projects/Scopes:
opencdx-health:spotless-511629411 opencdx-iam:spotless-511629411 opencdx-admin:spotless-511629411 opencdx-audit:spotless-511629411 opencdx-communications:spotless-511629411 OpenCDX:spotless-511629411 opencdx-gateway:spotless-511629411 opencdx-tinkar:spotless-511629411 opencdx-commons:spotless-511629411 opencdx-logistics:spotless-511629411 opencdx-client:spotless-511629411 opencdx-questionnaire:spotless-511629411 opencdx-config:spotless-511629411 opencdx-discovery:spotless-511629411 opencdx-media:spotless-511629411 opencdx-classification-analyzer:spotless-511629411 opencdx-proto:spotless-511629411 opencdx-helloworld:spotless-511629411 opencdx-classification:spotless-511629411 palantir-java-format-spi-2.38.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 pkg:maven/com.palantir.javaformat/palantir-java-format@2.38.0 Evidence Type Source Name Value Confidence Vendor file name palantir-java-format-spi High Vendor gradle artifactid palantir-java-format-spi Highest Vendor gradle groupid com.palantir.javaformat Highest Vendor jar package name java Low Vendor jar package name javaformat Low Vendor jar package name palantir Low Product file name palantir-java-format-spi High Product gradle artifactid palantir-java-format-spi Highest Product jar package name java Low Product jar package name javaformat Low Version file version 2.38.0 High Version Manifest Implementation-Version 2.38.0 High
pepper-4.5.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.pepper/pepper/4.5/28877bef609e454919e4ea0d3e9a0e6570a507c8/pepper-4.5.jarMD5: e723c1d1e3c18bc67c7fd86f1158661fSHA1: 28877bef609e454919e4ea0d3e9a0e6570a507c8SHA256: f292f562d9e7f162125ba03e9bfad639b9ab782e3b1b3ebcf3db27db4ddadbc9Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 pepper-4.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name pepper High Vendor gradle artifactid pepper Highest Vendor gradle groupid io.github.solven-eu.pepper Highest Vendor jar package name eu Highest Vendor jar package name io Highest Vendor jar package name pepper Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom artifactid pepper Low Vendor pom groupid io.github.solven-eu.pepper Highest Vendor pom parent-artifactid aggregator-pepper Low Product file name pepper High Product gradle artifactid pepper Highest Product jar package name eu Highest Product jar package name io Highest Product jar package name pepper Highest Product jar package name solven Highest Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title pepper High Product pom artifactid pepper Highest Product pom groupid io.github.solven-eu.pepper Highest Product pom parent-artifactid aggregator-pepper Medium Version file version 4.5 High Version gradle version 4.5 Highest Version Manifest Implementation-Version 4.5 High Version pom version 4.5 Highest
perfmark-api-0.26.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.perfmark/perfmark-api/0.26.0/ef65452adaf20bf7d12ef55913aba24037b82738/perfmark-api-0.26.0.jarMD5: e80301eb310a53b2047e30db7964bce1SHA1: ef65452adaf20bf7d12ef55913aba24037b82738SHA256: b7d23e93a34537ce332708269a0d1404788a5b5e1949e82f5535fce51b3ea95bReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath perfmark-api-0.26.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name perfmark-api High Vendor gradle artifactid perfmark-api Highest Vendor gradle groupid io.perfmark Highest Vendor jar package name io Highest Vendor jar package name io Low Vendor jar package name perfmark Highest Vendor jar package name perfmark Low Vendor Manifest automatic-module-name io.perfmark Medium Vendor Manifest carl-is-awesome true Low Vendor Manifest implementation-url https://www.perfmark.io/ Low Vendor Manifest Implementation-Vendor Carl Mastrangelo High Product file name perfmark-api High Product gradle artifactid perfmark-api Highest Product jar package name io Highest Product jar package name perfmark Highest Product jar package name perfmark Low Product Manifest automatic-module-name io.perfmark Medium Product Manifest carl-is-awesome true Low Product Manifest Implementation-Title PerfMark High Product Manifest implementation-url https://www.perfmark.io/ Low Version file version 0.26.0 High Version Manifest Implementation-Version 0.26.0 High
plexus-java-1.1.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-java/1.1.2/aa761869ff6c4b7624923a850b05fd9342a931d6/plexus-java-1.1.2.jarMD5: 1c196172a9c28f441b8e3c73639fe1a2SHA1: aa761869ff6c4b7624923a850b05fd9342a931d6SHA256: 83659e0d3fa0eda61dc4e8d78ea5a5fe05b7985f88b8557716c295409e64b7f5Referenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 plexus-java-1.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name plexus-java High Vendor gradle artifactid plexus-java Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name java Highest Vendor jar package name languages Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 19 Low Vendor Manifest multi-release true Low Vendor pom artifactid plexus-java Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Languages :: Java High Vendor pom parent-artifactid plexus-languages Low Product file name plexus-java High Product gradle artifactid plexus-java Highest Product jar package name codehaus Highest Product jar package name java Highest Product jar package name languages Highest Product jar package name org Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 19 Low Product Manifest multi-release true Low Product pom artifactid plexus-java Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Languages :: Java High Product pom parent-artifactid plexus-languages Medium Version file version 1.1.2 High Version gradle version 1.1.2 Highest Version pom version 1.1.2 Highest
CVE-2022-4244 suppress
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-4245 suppress
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
plexus-utils-3.2.0.jarDescription:
A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.2.0/d69e11d69dfce0c964587ab97b559187b3c27a6f/plexus-utils-3.2.0.jarMD5: 00766f1f57572a8cd54992804733aa0dSHA1: d69e11d69dfce0c964587ab97b559187b3c27a6fSHA256: 0b91029df4c216b8824bd95361f52e260e86ccf93a2619fd88c8f15d23dcb30dReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath plexus-utils-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name plexus-utils High Vendor gradle artifactid plexus-utils Highest Vendor gradle groupid org.codehaus.plexus Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name util Low Vendor jar package name xml Highest Vendor pom artifactid plexus-utils Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Common Utilities High Vendor pom parent-artifactid plexus Low Product file name plexus-utils High Product gradle artifactid plexus-utils Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product jar package name plexus Low Product jar package name util Low Product jar package name xml Highest Product pom artifactid plexus-utils Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Common Utilities High Product pom parent-artifactid plexus Medium Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version pom version 3.2.0 Highest
proto-google-common-protos-2.17.0.jarDescription:
PROTO library for proto-google-common-protos License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.api.grpc/proto-google-common-protos/2.17.0/7edf1e3aa96dc3861f7a8f24556c714e9c5b292/proto-google-common-protos-2.17.0.jar
MD5: 49c7c59d89db5d3482094f005ba44092
SHA1: 07edf1e3aa96dc3861f7a8f24556c714e9c5b292
SHA256: 4ef1fe0c327fc1521d1d753b0b1c4a875a54bd14ebded3afff0ca395320b6ea9
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-proto:compileProtoPath opencdx-client:compileClasspath opencdx-client:runtimeClasspath opencdx-media:compileClasspath opencdx-logistics:compileClasspath opencdx-questionnaire:compileClasspath opencdx-helloworld:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-proto:runtimeClasspath opencdx-iam:compileClasspath opencdx-proto:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-proto:compileClasspath opencdx-communications:compileClasspath proto-google-common-protos-2.17.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 Evidence Type Source Name Value Confidence Vendor file name proto-google-common-protos High Vendor gradle artifactid proto-google-common-protos Highest Vendor gradle groupid com.google.api.grpc Highest Vendor jar package name api Highest Vendor jar package name google Highest Vendor Manifest artifactid proto-google-common-protos Low Vendor Manifest build-jdk-spec 11 Low Vendor Manifest Implementation-Vendor Google LLC High Vendor Manifest specification-vendor Google LLC Low Vendor pom artifactid proto-google-common-protos Low Vendor pom developer email chingor@google.com Low Vendor pom developer id chingor Medium Vendor pom developer name Jeff Ching Medium Vendor pom developer org Google Medium Vendor pom groupid com.google.api.grpc Highest Vendor pom name proto-google-common-protos High Vendor pom organization name Google LLC High Vendor pom url googleapis/gapic-generator-java Highest Product file name proto-google-common-protos High Product gradle artifactid proto-google-common-protos Highest Product jar package name api Highest Product jar package name google Highest Product Manifest artifactid proto-google-common-protos Low Product Manifest build-jdk-spec 11 Low Product Manifest Implementation-Title proto-google-common-protos High Product Manifest specification-title proto-google-common-protos Medium Product pom artifactid proto-google-common-protos Highest Product pom developer email chingor@google.com Low Product pom developer id chingor Low Product pom developer name Jeff Ching Low Product pom developer org Google Low Product pom groupid com.google.api.grpc Highest Product pom name proto-google-common-protos High Product pom organization name Google LLC Low Product pom url googleapis/gapic-generator-java High Version file version 2.17.0 High Version gradle version 2.17.0 Highest Version Manifest Implementation-Version 2.17.0 High Version Manifest version 2.17.0 Medium Version pom version 2.17.0 Highest
proto-google-common-protos-2.23.0.jar protobuf-java-3.22.0.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/protobuf-java/3.22.0/protobuf-java-3.22.0.jarMD5: e2826e440f9f62f48ce5a61e8a4355d2SHA1: ba3ad65d6604659be8fe82ea4b28e688ad28aa39SHA256: a186e3e4871e5f0bc2bffc80297ad2948c791b97796b901e9813d1ce103a3795Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath protobuf-java-3.22.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name protobuf-java High Vendor gradle artifactid protobuf-java Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name protobuf Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid protobuf-java Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom name Tinkar Protobuf Java High Vendor pom parent-artifactid jpms-deps Low Vendor pom url HL7/tinkar-proto Highest Product file name protobuf-java High Product gradle artifactid protobuf-java Highest Product jar package name protobuf Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid protobuf-java Highest Product pom groupid dev.ikm.jpms Highest Product pom name Tinkar Protobuf Java High Product pom parent-artifactid jpms-deps Medium Product pom url HL7/tinkar-proto High Version pom version 1.0.15 Highest
protobuf-java-3.22.3.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jarMD5: e39845796ebd9fdb1b0f30ffef7ec2eeSHA1: fdee98b8f6abab73f146a4edb4c09e56f8278d03SHA256: 59d388ea6a2d2d76ae8efff7fd4d0c60c6f0f464c3d3ab9be8e5add092975708Referenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-proto:compileProtoPath opencdx-proto:runtimeClasspath opencdx-client:compileClasspath opencdx-client:runtimeClasspath opencdx-proto:productionRuntimeClasspath opencdx-proto:compileClasspath protobuf-java-3.22.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-proto@0.1.20240501165702 pkg:maven/io.grpc/grpc-protobuf@1.57.2 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.grpc/grpc-protobuf@1.57.2 Evidence Type Source Name Value Confidence Vendor file name protobuf-java High Vendor gradle artifactid protobuf-java Highest Vendor gradle groupid com.google.protobuf Highest Vendor jar package name google Low Vendor jar package name protobuf Low Vendor Manifest target-label //java/core:lite_runtime_only Low Product file name protobuf-java High Product gradle artifactid protobuf-java Highest Product jar package name protobuf Low Product Manifest target-label //java/core:lite_runtime_only Low Version file name protobuf-java Medium Version file version 3.22.3 High Version gradle version 3.22.3 Highest
protobuf-java-3.24.4.jar protobuf-java-util-3.22.3.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java-util/3.22.3/749cd4fe8ab52f37bc186193802ba19f5b284647/protobuf-java-util-3.22.3.jarMD5: 373bef8f76c872b5f67d1b7c643a6e7dSHA1: 749cd4fe8ab52f37bc186193802ba19f5b284647SHA256: c615f76879dc5c303e4df5b94a6afa39534058c7545db2d483fd95d9f63c8bfeReferenced In Projects/Scopes:
opencdx-client:productionRuntimeClasspath opencdx-client:runtimeClasspath protobuf-java-util-3.22.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name protobuf-java-util High Vendor gradle artifactid protobuf-java-util Highest Vendor gradle groupid com.google.protobuf Highest Vendor jar package name google Low Vendor jar package name protobuf Low Vendor jar package name util Low Vendor Manifest target-label //java/util:util Low Product file name protobuf-java-util High Product gradle artifactid protobuf-java-util Highest Product jar package name protobuf Low Product jar package name util Highest Product jar package name util Low Product Manifest target-label //java/util:util Low Version file name protobuf-java-util Medium Version file version 3.22.3 High Version gradle version 3.22.3 Highest Version jar package name util Highest
protobuf-java-util-3.24.4.jar qdox-2.0.3.jarDescription:
QDox is a high speed, small footprint parser for extracting class/interface/method definitions from source files
complete with JavaDoc @tags. It is designed to be used by active code generators or documentation tools.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.thoughtworks.qdox/qdox/2.0.3/d70143d2a58e7b16a8ec73a495508d43a085d83b/qdox-2.0.3.jar
MD5: 1a599568ea16556d01a008d9e062ac89
SHA1: d70143d2a58e7b16a8ec73a495508d43a085d83b
SHA256: ff70c10165714fe9546c418a65d74ecd5d57623ba408cecde9428f0a609b5d1c
Referenced In Projects/Scopes: opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 qdox-2.0.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name qdox High Vendor gradle artifactid qdox Highest Vendor gradle groupid com.thoughtworks.qdox Highest Vendor jar package name parser Highest Vendor jar package name qdox Highest Vendor jar package name thoughtworks Highest Vendor jar package name tools Highest Vendor Manifest automatic-module-name com.thoughtworks.qdox Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid qdox Low Vendor pom developer id joe Medium Vendor pom developer id mauro Medium Vendor pom developer id mdub Medium Vendor pom developer id paul Medium Vendor pom developer id rfscholte Medium Vendor pom developer id rinkrank Medium Vendor pom developer name Aslak Hellesoy Medium Vendor pom developer name Joe Walnes Medium Vendor pom developer name Mauro Talevi Medium Vendor pom developer name Mike Williams Medium Vendor pom developer name Paul Hammant Medium Vendor pom developer name Robert Scholte Medium Vendor pom groupid com.thoughtworks.qdox Highest Vendor pom name QDox High Vendor pom url paul-hammant/qdox Highest Product file name qdox High Product gradle artifactid qdox Highest Product jar package name parser Highest Product jar package name qdox Highest Product jar package name thoughtworks Highest Product jar package name tools Highest Product Manifest automatic-module-name com.thoughtworks.qdox Medium Product Manifest build-jdk-spec 1.8 Low Product pom artifactid qdox Highest Product pom developer id joe Low Product pom developer id mauro Low Product pom developer id mdub Low Product pom developer id paul Low Product pom developer id rfscholte Low Product pom developer id rinkrank Low Product pom developer name Aslak Hellesoy Low Product pom developer name Joe Walnes Low Product pom developer name Mauro Talevi Low Product pom developer name Mike Williams Low Product pom developer name Paul Hammant Low Product pom developer name Robert Scholte Low Product pom groupid com.thoughtworks.qdox Highest Product pom name QDox High Product pom url paul-hammant/qdox High Version file version 2.0.3 High Version gradle version 2.0.3 Highest Version pom version 2.0.3 Highest
reactive-streams-1.0.4.jar reactor-core-3.6.4.jar reactor-extra-3.5.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.projectreactor.addons/reactor-extra/3.5.1/227cd47421ca0571c662f67428903c5c54777ef1/reactor-extra-3.5.1.jarMD5: 14e0470afd09e039ead03cbb9da28a72SHA1: 227cd47421ca0571c662f67428903c5c54777ef1SHA256: 523e4ff3e80bb9c15702bbb4e3912462dca4a9888c88fc3ddfe560f3783756e2Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath reactor-extra-3.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 Evidence Type Source Name Value Confidence Vendor file name reactor-extra High Vendor gradle artifactid reactor-extra Highest Vendor gradle groupid io.projectreactor.addons Highest Vendor jar package name reactor Highest Vendor jar package name reactor Low Vendor Manifest automatic-module-name reactor.extra Medium Vendor Manifest bundle-symbolicname io.projectreactor.addons.reactor-extra Medium Product file name reactor-extra High Product gradle artifactid reactor-extra Highest Product jar package name reactor Highest Product Manifest automatic-module-name reactor.extra Medium Product Manifest Bundle-Name reactor-extra Medium Product Manifest bundle-symbolicname io.projectreactor.addons.reactor-extra Medium Product Manifest Implementation-Title reactor-extra High Version file version 3.5.1 High Version Manifest Implementation-Version 3.5.1 High
reactor-netty-core-1.1.17.jar reactor-netty-http-1.1.17.jar record-builder-core-34.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/record-builder-core/34/record-builder-core-34.jarMD5: a3f705d78f4fd42fcda46c980115f3b8SHA1: c48de910c27ffd9ec097b341916f6435242dd82fSHA256: ccc6f02d7c5dfbdc513124b4a3f1450ba773b537c6bf86e210c9aaed884264c1Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath record-builder-core-34.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name record-builder-core-34 High Vendor gradle artifactid record-builder-core Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name core Highest Vendor jar package name io Highest Vendor jar package name soabase Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid record-builder-core Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom groupid io.soabase.record-builder Highest Vendor pom name Record builder High Vendor pom parent-artifactid jpms-deps Low Vendor pom parent-artifactid record-builder Low Product file name record-builder-core-34 High Product gradle artifactid record-builder-core Highest Product jar package name core Highest Product jar package name io Highest Product jar package name soabase Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid record-builder-core Highest Product pom groupid dev.ikm.jpms Highest Product pom groupid io.soabase.record-builder Highest Product pom name Record builder High Product pom parent-artifactid jpms-deps Medium Product pom parent-artifactid record-builder Medium Version pom version 1.0.15 Highest
refactorer-2.16.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.github.solven-eu.cleanthat/refactorer/2.16/329dd0f8238630928d54c9acaed1cffe161e0a78/refactorer-2.16.jarMD5: ea1282b74aeb0c99b9384a7a70967888SHA1: 329dd0f8238630928d54c9acaed1cffe161e0a78SHA256: 1e297849a3942c38b1ad2117219a3b7a8a13fa1660ded92a2a42542e49e5ee7dReferenced In Projects/Scopes:
opencdx-commons:spotless1659553931 opencdx-audit:spotless1659553931 opencdx-media:spotless1659553931 opencdx-health:spotless1659553931 opencdx-questionnaire:spotless1659553931 opencdx-gateway:spotless1659553931 opencdx-logistics:spotless1659553931 opencdx-tinkar:spotless1659553931 opencdx-admin:spotless1659553931 OpenCDX:spotless1659553931 opencdx-communications:spotless1659553931 opencdx-discovery:spotless1659553931 opencdx-proto:spotless1659553931 opencdx-classification-analyzer:spotless1659553931 opencdx-classification:spotless1659553931 opencdx-config:spotless1659553931 opencdx-client:spotless1659553931 opencdx-iam:spotless1659553931 opencdx-helloworld:spotless1659553931 refactorer-2.16.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 pkg:maven/io.github.solven-eu.cleanthat/java@2.16 Evidence Type Source Name Value Confidence Vendor file name refactorer High Vendor gradle artifactid refactorer Highest Vendor gradle groupid io.github.solven-eu.cleanthat Highest Vendor jar package name cleanthat Highest Vendor jar package name eu Highest Vendor jar package name solven Highest Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid refactorer Low Vendor pom groupid io.github.solven-eu.cleanthat Highest Vendor pom parent-artifactid aggregator-cleanthat Low Product file name refactorer High Product gradle artifactid refactorer Highest Product jar package name cleanthat Highest Product jar package name eu Highest Product jar package name solven Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title refactorer High Product pom artifactid refactorer Highest Product pom groupid io.github.solven-eu.cleanthat Highest Product pom parent-artifactid aggregator-cleanthat Medium Version file version 2.16 High Version gradle version 2.16 Highest Version Manifest Implementation-Version 2.16 High Version pom version 2.16 Highest
reflections-0.9.9.jarDescription:
Reflections - a Java runtime metadata analysis License:
WTFPL: http://www.wtfpl.net/
The New BSD License: http://www.opensource.org/licenses/bsd-license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.reflections/reflections/0.9.9/296d8adb2f22a38025f44b45cac89835ff0bbaf/reflections-0.9.9.jar
MD5: 5f13944b355f927f956b6298136ad959
SHA1: 0296d8adb2f22a38025f44b45cac89835ff0bbaf
SHA256: 6a6c56d436f1f34e609bbf2d9b222f449f916941916dd874e7e15ff907daed1c
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath reflections-0.9.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 pkg:maven/com.github.cloudyrock.mongock/mongock-spring-v5@4.3.8 Evidence Type Source Name Value Confidence Vendor file name reflections High Vendor gradle artifactid reflections Highest Vendor gradle groupid org.reflections Highest Vendor jar package name reflections Highest Vendor jar package name reflections Low Vendor pom artifactid reflections Low Vendor pom developer email ronmamo at gmail Low Vendor pom groupid org.reflections Highest Vendor pom name Reflections High Vendor pom url http://github.com/ronmamo/reflections Highest Product file name reflections High Product gradle artifactid reflections Highest Product jar package name reflections Highest Product pom artifactid reflections Highest Product pom developer email ronmamo at gmail Low Product pom groupid org.reflections Highest Product pom name Reflections High Product pom url http://github.com/ronmamo/reflections Medium Version file version 0.9.9 High Version gradle version 0.9.9 Highest Version pom version 0.9.9 Highest
roaringbitmap-0.9.31-r3.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/jpms/roaringbitmap/0.9.31-r3/roaringbitmap-0.9.31-r3.jarMD5: a6f476a88659bfd424e886174f2ee593SHA1: 06d66c2e3a1ec009ad2180c0498b67eb73227e43SHA256: c79930a6adc36130967a498222b7e3d5f44b704dc3dc28750240055ee79dfc47Referenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath roaringbitmap-0.9.31-r3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/executor-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/common@1.37.0 Evidence Type Source Name Value Confidence Vendor file name roaringbitmap High Vendor gradle artifactid roaringbitmap Highest Vendor gradle groupid dev.ikm.jpms Highest Vendor jar package name roaringbitmap Highest Vendor Manifest build-jdk-spec 19 Low Vendor pom artifactid roaringbitmap Low Vendor pom groupid dev.ikm.jpms Highest Vendor pom name Roaring High Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Product file name roaringbitmap High Product gradle artifactid roaringbitmap Highest Product jar package name roaringbitmap Highest Product Manifest build-jdk-spec 19 Low Product pom artifactid roaringbitmap Highest Product pom groupid dev.ikm.jpms Highest Product pom name Roaring High Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Version pom version 0.4.0 Highest
sb-admin-2.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/jmeter/sbadmin2-1.0.7/dist/js/sb-admin-2.jsMD5: 7829ca02ab0f01b0cb051cf50e83a896SHA1: 49ed7fcc6f9cff48ef1f091a26d85df0196342d4SHA256: 56bd6a6e5b0d37d83b0261b8de91fb454a750a4641c24bdc62f1bc5d860acb39Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
script.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/script.jsMD5: 6691e64758a1db543dc9a7bd97f2cb51SHA1: e89b972ec1b014c56089a6d607bfbfb6f2323f67SHA256: 854662f300614471e7d16d8443133c6ba1ff2adc0d4b0fd892d507b646af2467Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
search-page.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/search-page.jsMD5: 6393ad145e1c0020f96a364d9b252ed4SHA1: 788aa5b7d3948cff471fd2c1184a57fc286e665bSHA256: 836fe867b6c2a60143d77c451966f1109f132c5e6b0e4c150982f896080e95f8Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
search-provider-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/search-provider/1.37.0/c6db0b9c9275d9a918907c9e507ebbd6f6ad9c9c/search-provider-1.37.0.jarMD5: de07c95f1cfb2a3c04e32ed3664704d0SHA1: c6db0b9c9275d9a918907c9e507ebbd6f6ad9c9cSHA256: e488fe944b52d9608c549db65dff7cacad3e887c5ffddfb57396bf6293d9f52fReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath search-provider-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name search-provider High Vendor gradle artifactid search-provider Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name provider Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid search-provider Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Provider Search provider High Vendor pom parent-artifactid provider Low Product file name search-provider High Product gradle artifactid search-provider Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name provider Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid search-provider Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Provider Search provider High Product pom parent-artifactid provider Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
search.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/search.jsMD5: a9372105f090d30517858b3314659595SHA1: 01df4bbacf245969cc35c084d16a47bf18461297SHA256: e3cf74cdb1854f8bf8a50edc7bda328083d6949e8f2384c03df87cc1e7e13cb1Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
servo-core-0.12.21.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.netflix.servo/servo-core/0.12.21/f56c3bf161217be98fbe4135adf8480590db9c37/servo-core-0.12.21.jarMD5: 9b7d6a33b41938e75f03d66484992210SHA1: f56c3bf161217be98fbe4135adf8480590db9c37SHA256: c967001e6ffeb84b3e51b1283c2b075395d3c930151ae602ed013305643988caReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath servo-core-0.12.21.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name servo-core High Vendor gradle artifactid servo-core Highest Vendor gradle groupid com.netflix.servo Highest Vendor jar package name netflix Highest Vendor jar package name netflix Low Vendor jar package name servo Highest Vendor jar package name servo Low Vendor Manifest automatic-module-name com.netflix.servo.core Medium Vendor Manifest branch 710a42e98703f8f3973ab97a0c403a6b617549c5 Low Vendor Manifest build-date 2018-03-28_14:59:24 Low Vendor Manifest build-host travis-job-netflix-servo-359402841.travisci.net Low Vendor Manifest build-job Netflix/servo Low Vendor Manifest build-number 185 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status integration Low Vendor Manifest change 710a42e Low Vendor Manifest module-email netflixoss@netflix.com Low Vendor Manifest module-origin https://github.com/Netflix/servo.git Low Vendor Manifest module-owner netflixoss@netflix.com Low Vendor Manifest module-source /servo-core Low Product file name servo-core High Product gradle artifactid servo-core Highest Product jar package name netflix Highest Product jar package name servo Highest Product jar package name servo Low Product Manifest automatic-module-name com.netflix.servo.core Medium Product Manifest branch 710a42e98703f8f3973ab97a0c403a6b617549c5 Low Product Manifest build-date 2018-03-28_14:59:24 Low Product Manifest build-host travis-job-netflix-servo-359402841.travisci.net Low Product Manifest build-job Netflix/servo Low Product Manifest build-number 185 Low Product Manifest built-os Linux Low Product Manifest built-status integration Low Product Manifest change 710a42e Low Product Manifest Implementation-Title com.netflix.servo#servo-core;0.12.21 High Product Manifest module-email netflixoss@netflix.com Low Product Manifest module-origin https://github.com/Netflix/servo.git Low Product Manifest module-owner netflixoss@netflix.com Low Product Manifest module-source /servo-core Low Version file version 0.12.21 High Version Manifest Implementation-Version 0.12.21 High
shedlock-core-5.8.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/net.javacrumbs.shedlock/shedlock-core/5.8.0/8ec389a4f7152435cdf8f92b32d67d23fc9101e2/shedlock-core-5.8.0.jarMD5: a5cf9135fcb9a1cccfc2a58816577831SHA1: 8ec389a4f7152435cdf8f92b32d67d23fc9101e2SHA256: 1da37ca9b26daf999f20a570f08b390c9693e7ff846a2f1054f42c96e1731f1aReferenced In Projects/Scopes:
opencdx-communications:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-communications:compileClasspath shedlock-core-5.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.javacrumbs.shedlock/shedlock-spring@5.8.0 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/net.javacrumbs.shedlock/shedlock-spring@5.8.0 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 pkg:maven/net.javacrumbs.shedlock/shedlock-spring@5.8.0 pkg:maven/net.javacrumbs.shedlock/shedlock-provider-mongo@5.8.0 Evidence Type Source Name Value Confidence Vendor file name shedlock-core High Vendor gradle artifactid shedlock-core Highest Vendor gradle groupid net.javacrumbs.shedlock Highest Vendor jar package name core Highest Vendor jar package name javacrumbs Highest Vendor jar package name net Highest Vendor jar package name shedlock Highest Vendor Manifest automatic-module-name net.javacrumbs.shedlock.core Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid shedlock-core Low Vendor pom groupid net.javacrumbs.shedlock Highest Vendor pom parent-artifactid shedlock-parent Low Product file name shedlock-core High Product gradle artifactid shedlock-core Highest Product jar package name core Highest Product jar package name javacrumbs Highest Product jar package name net Highest Product jar package name shedlock Highest Product Manifest automatic-module-name net.javacrumbs.shedlock.core Medium Product Manifest build-jdk-spec 17 Low Product pom artifactid shedlock-core Highest Product pom groupid net.javacrumbs.shedlock Highest Product pom parent-artifactid shedlock-parent Medium Version file version 5.8.0 High Version gradle version 5.8.0 Highest Version pom version 5.8.0 Highest
shedlock-provider-mongo-5.8.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/net.javacrumbs.shedlock/shedlock-provider-mongo/5.8.0/2f4a5e0bb3b2bc3f83e5508801470a37ba2ea5e8/shedlock-provider-mongo-5.8.0.jarMD5: e074d3eb0d434b5555385474d7aadd26SHA1: 2f4a5e0bb3b2bc3f83e5508801470a37ba2ea5e8SHA256: 0f9143e091eba6c2002c46a67d58ff1233be48b672c01bd8f3e47db3f0a6acebReferenced In Projects/Scopes:
opencdx-communications:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-communications:compileClasspath shedlock-provider-mongo-5.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name shedlock-provider-mongo High Vendor gradle artifactid shedlock-provider-mongo Highest Vendor gradle groupid net.javacrumbs.shedlock Highest Vendor jar package name javacrumbs Highest Vendor jar package name net Highest Vendor jar package name provider Highest Vendor jar package name shedlock Highest Vendor Manifest automatic-module-name net.javacrumbs.shedlock.provider.mongo Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid shedlock-provider-mongo Low Vendor pom groupid net.javacrumbs.shedlock Highest Vendor pom parent-artifactid shedlock-parent Low Product file name shedlock-provider-mongo High Product gradle artifactid shedlock-provider-mongo Highest Product jar package name javacrumbs Highest Product jar package name net Highest Product jar package name provider Highest Product jar package name shedlock Highest Product Manifest automatic-module-name net.javacrumbs.shedlock.provider.mongo Medium Product Manifest build-jdk-spec 17 Low Product pom artifactid shedlock-provider-mongo Highest Product pom groupid net.javacrumbs.shedlock Highest Product pom parent-artifactid shedlock-parent Medium Version file version 5.8.0 High Version gradle version 5.8.0 Highest Version pom version 5.8.0 Highest
shedlock-spring-5.8.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/net.javacrumbs.shedlock/shedlock-spring/5.8.0/e19862cd92084f7112a5d4ddfc056dba1f04113b/shedlock-spring-5.8.0.jarMD5: 4aef4f56143433ade24a63a71c7023aeSHA1: e19862cd92084f7112a5d4ddfc056dba1f04113bSHA256: 5c2cf43c9bc7b4b3b5082e762e992254e77d135ab9fdf390655dbb6962210461Referenced In Projects/Scopes:
opencdx-communications:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-communications:compileClasspath shedlock-spring-5.8.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name shedlock-spring High Vendor gradle artifactid shedlock-spring Highest Vendor gradle groupid net.javacrumbs.shedlock Highest Vendor jar package name javacrumbs Highest Vendor jar package name net Highest Vendor jar package name shedlock Highest Vendor jar package name spring Highest Vendor Manifest automatic-module-name net.javacrumbs.shedlock.spring Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid shedlock-spring Low Vendor pom groupid net.javacrumbs.shedlock Highest Vendor pom parent-artifactid shedlock-parent Low Product file name shedlock-spring High Product gradle artifactid shedlock-spring Highest Product jar package name javacrumbs Highest Product jar package name net Highest Product jar package name shedlock Highest Product jar package name spring Highest Product Manifest automatic-module-name net.javacrumbs.shedlock.spring Medium Product Manifest build-jdk-spec 17 Low Product pom artifactid shedlock-spring Highest Product pom groupid net.javacrumbs.shedlock Highest Product pom parent-artifactid shedlock-parent Medium Version file version 5.8.0 High Version gradle version 5.8.0 Highest Version pom version 5.8.0 Highest
simpleclient-0.16.0.jarDescription:
Core instrumentation library for the simpleclient.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.prometheus/simpleclient/0.16.0/28b0eaf7c500c506976da8d0fc9cad6c278e8d87/simpleclient-0.16.0.jar
MD5: 0d7e4aec0a8ba8ba66c87f06e3d439da
SHA1: 28b0eaf7c500c506976da8d0fc9cad6c278e8d87
SHA256: 22c374f237f7bc4fdb1f0ec2da379c0ba00e69ad2ffe8b6ade543d73062d377f
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath simpleclient-0.16.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 Evidence Type Source Name Value Confidence Vendor file name simpleclient High Vendor gradle artifactid simpleclient Highest Vendor gradle groupid io.prometheus Highest Vendor jar package name io Highest Vendor jar package name prometheus Highest Vendor Manifest bundle-symbolicname io.prometheus.simpleclient Medium Vendor pom artifactid simpleclient Low Vendor pom developer email brian.brazil@boxever.com Low Vendor pom developer id brian-brazil Medium Vendor pom developer name Brian Brazil Medium Vendor pom groupid io.prometheus Highest Vendor pom name Prometheus Java Simpleclient High Vendor pom parent-artifactid parent Low Product file name simpleclient High Product gradle artifactid simpleclient Highest Product jar package name io Highest Product jar package name prometheus Highest Product Manifest Bundle-Name Prometheus Java Simpleclient Medium Product Manifest bundle-symbolicname io.prometheus.simpleclient Medium Product pom artifactid simpleclient Highest Product pom developer email brian.brazil@boxever.com Low Product pom developer id brian-brazil Low Product pom developer name Brian Brazil Low Product pom groupid io.prometheus Highest Product pom name Prometheus Java Simpleclient High Product pom parent-artifactid parent Medium Version file version 0.16.0 High Version gradle version 0.16.0 Highest Version Manifest Bundle-Version 0.16.0 High Version pom version 0.16.0 Highest
simpleclient_common-0.16.0.jarDescription:
Common code used by various modules of the Simpleclient.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.prometheus/simpleclient_common/0.16.0/a09a8c790a20309b942a9fdbfe77da22407096e6/simpleclient_common-0.16.0.jar
MD5: bef35be6eef09775ffe092c267729478
SHA1: a09a8c790a20309b942a9fdbfe77da22407096e6
SHA256: eba6ec26ce7e40cbb8725e05fb83247a9f4f44945b9e7522e3375dde67b9f059
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath simpleclient_common-0.16.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 Evidence Type Source Name Value Confidence Vendor file name simpleclient_common High Vendor gradle artifactid simpleclient_common Highest Vendor gradle groupid io.prometheus Highest Vendor jar package name io Highest Vendor jar package name prometheus Highest Vendor Manifest bundle-symbolicname io.prometheus.simpleclient_common Medium Vendor pom artifactid simpleclient_common Low Vendor pom developer email brian.brazil@boxever.com Low Vendor pom developer id brian-brazil Medium Vendor pom developer name Brian Brazil Medium Vendor pom groupid io.prometheus Highest Vendor pom name Prometheus Java Simpleclient Common High Vendor pom parent-artifactid parent Low Product file name simpleclient_common High Product gradle artifactid simpleclient_common Highest Product jar package name io Highest Product jar package name prometheus Highest Product Manifest Bundle-Name Prometheus Java Simpleclient Common Medium Product Manifest bundle-symbolicname io.prometheus.simpleclient_common Medium Product pom artifactid simpleclient_common Highest Product pom developer email brian.brazil@boxever.com Low Product pom developer id brian-brazil Low Product pom developer name Brian Brazil Low Product pom groupid io.prometheus Highest Product pom name Prometheus Java Simpleclient Common High Product pom parent-artifactid parent Medium Version file version 0.16.0 High Version gradle version 0.16.0 Highest Version Manifest Bundle-Version 0.16.0 High Version pom version 0.16.0 Highest
simpleclient_tracer_common-0.16.0.jarDescription:
The Prometheus Java Suite: Client Metrics, Exposition, and Examples License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.prometheus/simpleclient_tracer_common/0.16.0/dec00ef7c6155c4ca1109ec8248f7ff58d8f6cd3/simpleclient_tracer_common-0.16.0.jar
MD5: 80ee58e0fd6a13feacded45d0fc52f53
SHA1: dec00ef7c6155c4ca1109ec8248f7ff58d8f6cd3
SHA256: e84a784ac8e24f182ee62da80b6b5c8140774b75bfa4bf9cc3d3b8390db625f6
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath simpleclient_tracer_common-0.16.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 Evidence Type Source Name Value Confidence Vendor file name simpleclient_tracer_common High Vendor gradle artifactid simpleclient_tracer_common Highest Vendor gradle groupid io.prometheus Highest Vendor jar package name io Highest Vendor jar package name prometheus Highest Vendor Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_common Medium Vendor pom artifactid simpleclient_tracer_common Low Vendor pom groupid io.prometheus Highest Vendor pom name Prometheus Java Span Context Supplier - Common High Vendor pom parent-artifactid simpleclient_tracer Low Product file name simpleclient_tracer_common High Product gradle artifactid simpleclient_tracer_common Highest Product jar package name client Highest Product jar package name io Highest Product jar package name prometheus Highest Product Manifest Bundle-Name Prometheus Java Span Context Supplier - Common Medium Product Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_common Medium Product pom artifactid simpleclient_tracer_common Highest Product pom groupid io.prometheus Highest Product pom name Prometheus Java Span Context Supplier - Common High Product pom parent-artifactid simpleclient_tracer Medium Version file version 0.16.0 High Version gradle version 0.16.0 Highest Version Manifest Bundle-Version 0.16.0 High Version pom version 0.16.0 Highest
simpleclient_tracer_otel-0.16.0.jarDescription:
The Prometheus Java Suite: Client Metrics, Exposition, and Examples License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.prometheus/simpleclient_tracer_otel/0.16.0/cc3d2b7b7cb6f077e3b1ee1d3e99eb54fddfa151/simpleclient_tracer_otel-0.16.0.jar
MD5: 55959da7c8ad68257c11d23f0de6a52f
SHA1: cc3d2b7b7cb6f077e3b1ee1d3e99eb54fddfa151
SHA256: a2a84c59bef3796bb7f9c6f2ae8b7de8b905313ef28180ac3de7ff61dd68df3f
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath simpleclient_tracer_otel-0.16.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 Evidence Type Source Name Value Confidence Vendor file name simpleclient_tracer_otel High Vendor gradle artifactid simpleclient_tracer_otel Highest Vendor gradle groupid io.prometheus Highest Vendor jar package name io Highest Vendor jar package name prometheus Highest Vendor Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_otel Medium Vendor pom artifactid simpleclient_tracer_otel Low Vendor pom groupid io.prometheus Highest Vendor pom name Prometheus Java Span Context Supplier - OpenTelemetry High Vendor pom parent-artifactid simpleclient_tracer Low Product file name simpleclient_tracer_otel High Product gradle artifactid simpleclient_tracer_otel Highest Product jar package name client Highest Product jar package name io Highest Product jar package name prometheus Highest Product Manifest Bundle-Name Prometheus Java Span Context Supplier - OpenTelemetry Medium Product Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_otel Medium Product pom artifactid simpleclient_tracer_otel Highest Product pom groupid io.prometheus Highest Product pom name Prometheus Java Span Context Supplier - OpenTelemetry High Product pom parent-artifactid simpleclient_tracer Medium Version file version 0.16.0 High Version gradle version 0.16.0 Highest Version Manifest Bundle-Version 0.16.0 High Version pom version 0.16.0 Highest
simpleclient_tracer_otel_agent-0.16.0.jarDescription:
The Prometheus Java Suite: Client Metrics, Exposition, and Examples License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.prometheus/simpleclient_tracer_otel_agent/0.16.0/9d724771e339ff7ec6cd7c0cc170d3470904c5/simpleclient_tracer_otel_agent-0.16.0.jar
MD5: c655a6b67747cebfc80375560a549059
SHA1: 009d724771e339ff7ec6cd7c0cc170d3470904c5
SHA256: 7ad2bb40df74a772d9f5445a3d03579b49d6b37a47d5e90f6cf3f59ecf41ad06
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath simpleclient_tracer_otel_agent-0.16.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.4 Evidence Type Source Name Value Confidence Vendor file name simpleclient_tracer_otel_agent High Vendor gradle artifactid simpleclient_tracer_otel_agent Highest Vendor gradle groupid io.prometheus Highest Vendor jar package name io Highest Vendor jar package name prometheus Highest Vendor Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_otel_agent Medium Vendor pom artifactid simpleclient_tracer_otel_agent Low Vendor pom groupid io.prometheus Highest Vendor pom name Prometheus Java Span Context Supplier - OpenTelemetry Agent High Vendor pom parent-artifactid simpleclient_tracer Low Product file name simpleclient_tracer_otel_agent High Product gradle artifactid simpleclient_tracer_otel_agent Highest Product jar package name client Highest Product jar package name io Highest Product jar package name prometheus Highest Product Manifest Bundle-Name Prometheus Java Span Context Supplier - OpenTelemetry Agent Medium Product Manifest bundle-symbolicname io.prometheus.simpleclient_tracer_otel_agent Medium Product pom artifactid simpleclient_tracer_otel_agent Highest Product pom groupid io.prometheus Highest Product pom name Prometheus Java Span Context Supplier - OpenTelemetry Agent High Product pom parent-artifactid simpleclient_tracer Medium Version file version 0.16.0 High Version gradle version 0.16.0 Highest Version Manifest Bundle-Version 0.16.0 High Version pom version 0.16.0 Highest
slf4j-api-2.0.12.jar snakeyaml-2.2.jar spring-aop-6.1.5.jar spring-beans-6.1.5.jar spring-boot-3.2.4.jar spring-boot-actuator-3.2.4.jar spring-boot-actuator-autoconfigure-3.2.4.jar spring-boot-admin-client-3.2.0.jarDescription:
Spring Boot Admin Client License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-client/3.2.0/812ee22c87326144eeed7871aa2f8584b427fe8/spring-boot-admin-client-3.2.0.jar
MD5: cccd4cb7adcd1d22d1a7abb8f5f499a0
SHA1: 0812ee22c87326144eeed7871aa2f8584b427fe8
SHA256: 1bcf678229c4b8cd47804c9dac7759b7a5abf3998af33680460abe4ee5efa2b7
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-audit:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-communications:compileClasspath spring-boot-admin-client-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-client@3.2.0 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-client High Vendor gradle artifactid spring-boot-admin-client Highest Vendor gradle groupid de.codecentric Highest Vendor jar package name admin Highest Vendor jar package name boot Highest Vendor jar package name codecentric Highest Vendor jar package name de Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.client Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-client Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Client High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-client/ Highest Product file name spring-boot-admin-client High Product gradle artifactid spring-boot-admin-client Highest Product jar package name admin Highest Product jar package name boot Highest Product jar package name codecentric Highest Product jar package name de Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.client Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Client High Product pom artifactid spring-boot-admin-client Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Client High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-client/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-admin-server-3.2.0.jarDescription:
Spring Boot Admin Server License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server/3.2.0/79ff89791f372f4a2793665f3b569315cdd480cc/spring-boot-admin-server-3.2.0.jar
MD5: 03d202146f12039c4f4a911a7bd1b5fa
SHA1: 79ff89791f372f4a2793665f3b569315cdd480cc
SHA256: 16026ad4c2c0e67767cc039cee1b7314c59294b6bc026d2737230fd6a9be5ca3
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath spring-boot-admin-server-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-server High Vendor gradle artifactid spring-boot-admin-server Highest Vendor gradle groupid de.codecentric Highest Vendor jar package name admin Highest Vendor jar package name boot Highest Vendor jar package name codecentric Highest Vendor jar package name de Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.server Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-server Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Server High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server/ Highest Product file name spring-boot-admin-server High Product gradle artifactid spring-boot-admin-server Highest Product jar package name admin Highest Product jar package name boot Highest Product jar package name codecentric Highest Product jar package name de Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.server Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Server High Product pom artifactid spring-boot-admin-server Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Server High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-admin-server-cloud-3.2.0.jarDescription:
Spring Boot Admin Server Cloud License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-cloud/3.2.0/5893eed8a1ade2d9e2490fac1e22def807083a23/spring-boot-admin-server-cloud-3.2.0.jar
MD5: 8a46fd9ee53dc37f1bfa10b7a9c51437
SHA1: 5893eed8a1ade2d9e2490fac1e22def807083a23
SHA256: dc6c3cc297b69d3c4d6cb3593323ef4c73f3ea5641d83f19f0be4c5e62fe247b
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath spring-boot-admin-server-cloud-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-server-cloud High Vendor gradle artifactid spring-boot-admin-server-cloud Highest Vendor gradle groupid de.codecentric Highest Vendor jar package name admin Highest Vendor jar package name boot Highest Vendor jar package name codecentric Highest Vendor jar package name de Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.server.cloud Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-server-cloud Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Server Cloud High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server-cloud/ Highest Product file name spring-boot-admin-server-cloud High Product gradle artifactid spring-boot-admin-server-cloud Highest Product jar package name admin Highest Product jar package name boot Highest Product jar package name codecentric Highest Product jar package name de Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.server.cloud Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Server Cloud High Product pom artifactid spring-boot-admin-server-cloud Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Server Cloud High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server-cloud/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-admin-server-ui-3.2.0.jarDescription:
Spring Boot Admin Server UI License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar
MD5: cfd612314efa3dd0004235d41c4f72e5
SHA1: a17647233179c7056c4bde25fb807952e5fda613
SHA256: f5ebd21bce81477ce2778a6dce555eebe60112703d456d32c7a1b9a7c9dfb03f
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath spring-boot-admin-server-ui-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-server-ui High Vendor gradle artifactid spring-boot-admin-server-ui Highest Vendor gradle groupid de.codecentric Highest Vendor jar package name admin Highest Vendor jar package name boot Highest Vendor jar package name codecentric Highest Vendor jar package name de Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.server.ui Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-server-ui Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Server UI High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server-ui/ Highest Product file name spring-boot-admin-server-ui High Product gradle artifactid spring-boot-admin-server-ui Highest Product jar package name admin Highest Product jar package name boot Highest Product jar package name codecentric Highest Product jar package name de Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.server.ui Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Server UI High Product pom artifactid spring-boot-admin-server-ui Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Server UI High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-server-ui/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-admin-server-ui-3.2.0.jar: eventsource-EYfasNVp.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/assets/eventsource-EYfasNVp.jsMD5: d77de5f26317f7dd7d8487bdec28e7dcSHA1: aae989e5a2c8a0aab0d646e929fe70440ac35410SHA256: 049cc13bfe3631ceb0cb06a2656dbeec53d37f75434019cbef5008429e24da44Referenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-server-ui-3.2.0.jar: index-d1esNk42.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/assets/index-d1esNk42.jsMD5: 8e6bc6bed9a7ca9bd15957cd6d166683SHA1: 8d0033f7275074a8e527126a5c748b0d725a7998SHA256: 1d46ada21df5a19f90ce5ab45721c8972b74b21641d3b9ae525e163b92904718Referenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-server-ui-3.2.0.jar: login-SVKEQisE.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/assets/login-SVKEQisE.jsMD5: 502292b6a2b32b7ac4df657b2b59e108SHA1: e1239c03c7eb237e67a04f84e99689dc09910ea5SHA256: fcb1099f81f4aed444cde5266fa749f9e90931933f530e7d9ddb118edb5cfb8aReferenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-server-ui-3.2.0.jar: mockServiceWorker.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/mockServiceWorker.jsMD5: 47e461f12d6d12de71a623efaadd30c6SHA1: 761e145b388ab4d422c251f5f19d09abb1821a17SHA256: 50dbb79ad29d9b02e584a6c4aa0785e77a3a3ed3d6a6b82d11de498c70381d7fReferenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-server-ui-3.2.0.jar: sba-cGtb16ww.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/assets/sba-cGtb16ww.jsMD5: 9b01ac633c66ebe743bdddde129c68faSHA1: 03cb72f16d404917f75cf799bf83f492980883d2SHA256: ddea15d4ff268802f735241d5811495addebbeb40e5f3563e9fa6b8a08c14fcdReferenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-server-ui-3.2.0.jar: sba-settings.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-server-ui/3.2.0/a17647233179c7056c4bde25fb807952e5fda613/spring-boot-admin-server-ui-3.2.0.jar/META-INF/spring-boot-admin-server-ui/sba-settings.jsMD5: 71a44ab7244cf673ace83fca9e07260aSHA1: 3cab9a0c3d0628fd9e5c0b8c048edf2014a6526dSHA256: 97ab9af0aa6acc2435eceb7c8654521a53892ae04cc4b2f5cbe0e9ff6af357cbReferenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath Evidence Type Source Name Value Confidence
spring-boot-admin-starter-client-3.2.0.jarDescription:
Spring Boot Admin Client Starter License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-starter-client/3.2.0/51e08916fb42d4e84ab9a9e7157f7775183d3de2/spring-boot-admin-starter-client-3.2.0.jar
MD5: f885c044b70f9752de3e4c234fe55d4e
SHA1: 51e08916fb42d4e84ab9a9e7157f7775183d3de2
SHA256: 7fbb7fd192f8b2e0e302b441c860e4ce2496e6b4d0ff631b4b1d119acdaa1df3
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-tinkar:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-audit:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-communications:compileClasspath spring-boot-admin-starter-client-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-starter-client High Vendor gradle artifactid spring-boot-admin-starter-client Highest Vendor gradle groupid de.codecentric Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.starter.client Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-starter-client Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Client Starter High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-starter-client/ Highest Product file name spring-boot-admin-starter-client High Product gradle artifactid spring-boot-admin-starter-client Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.starter.client Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Client Starter High Product pom artifactid spring-boot-admin-starter-client Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Client Starter High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-starter-client/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-admin-starter-server-3.2.0.jarDescription:
Spring Boot Admin Server Starter License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/de.codecentric/spring-boot-admin-starter-server/3.2.0/ec5cd1b9d38955bd17448e8190f6f7e6b2ae7f31/spring-boot-admin-starter-server-3.2.0.jar
MD5: 3d2125fab1e9c7cd9b3ba1fd8c938bc4
SHA1: ec5cd1b9d38955bd17448e8190f6f7e6b2ae7f31
SHA256: 20d7e31cbd75f94a5c2ce1c0c96c64c46168af82170fc63f5374fe5d33548a1a
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-admin:runtimeClasspath opencdx-admin:productionRuntimeClasspath spring-boot-admin-starter-server-3.2.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-boot-admin-starter-server High Vendor gradle artifactid spring-boot-admin-starter-server Highest Vendor gradle groupid de.codecentric Highest Vendor Manifest automatic-module-name de.codecentric.spring.boot.admin.starter.server Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor codecentric AG High Vendor pom artifactid spring-boot-admin-starter-server Low Vendor pom developer email spring-boot-admin@codecentric.de Low Vendor pom developer name codecentric AG Medium Vendor pom groupid de.codecentric Highest Vendor pom name Spring Boot Admin Server Starter High Vendor pom organization name codecentric AG High Vendor pom organization url http://www.codecentric.de Medium Vendor pom parent-artifactid spring-boot-admin-build Low Vendor pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-starter-server/ Highest Product file name spring-boot-admin-starter-server High Product gradle artifactid spring-boot-admin-starter-server Highest Product Manifest automatic-module-name de.codecentric.spring.boot.admin.starter.server Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot Admin Server Starter High Product pom artifactid spring-boot-admin-starter-server Highest Product pom developer email spring-boot-admin@codecentric.de Low Product pom developer name codecentric AG Low Product pom groupid de.codecentric Highest Product pom name Spring Boot Admin Server Starter High Product pom organization name codecentric AG Low Product pom organization url http://www.codecentric.de Low Product pom parent-artifactid spring-boot-admin-build Medium Product pom url codecentric/spring-boot-admin/spring-boot-admin-dependencies/spring-boot-admin-build/spring-boot-admin-starter-server/ High Version file version 3.2.0 High Version gradle version 3.2.0 Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest
spring-boot-autoconfigure-3.2.4.jar spring-boot-configuration-processor-3.2.4.jar spring-boot-starter-3.2.4.jar spring-boot-starter-actuator-3.2.4.jar spring-boot-starter-aop-3.2.4.jar spring-boot-starter-cache-3.2.4.jar spring-boot-starter-data-mongodb-3.2.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-starter-data-mongodb/3.2.4/1b5b84b6df189035a62578cca9cf4304c0c6769b/spring-boot-starter-data-mongodb-3.2.4.jarMD5: cf66490c257d73286b26f6279f17f301SHA1: 1b5b84b6df189035a62578cca9cf4304c0c6769bSHA256: aec4ff2fafecd3c920654e9f38163b968a497f7dc5721f824dfa9e9c7ad78244Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-boot-starter-data-mongodb-3.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-boot-starter-data-mongodb High Vendor gradle artifactid spring-boot-starter-data-mongodb Highest Vendor gradle groupid org.springframework.boot Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest automatic-module-name spring.boot.starter.data.mongodb Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest spring-boot-jar-type dependencies-starter Low Product file name spring-boot-starter-data-mongodb High Product gradle artifactid spring-boot-starter-data-mongodb Highest Product Manifest automatic-module-name spring.boot.starter.data.mongodb Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Starter for using MongoDB document-oriented database and Spring Data MongoDB High Product Manifest spring-boot-jar-type dependencies-starter Low Version file version 3.2.4 High Version Manifest Implementation-Version 3.2.4 High
spring-boot-starter-freemarker-3.2.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-starter-freemarker/3.2.4/4c31d3862637ef40180be858223d2dc86dcf31d8/spring-boot-starter-freemarker-3.2.4.jarMD5: 46823d8fbd11708fb58eee771c9a1d9fSHA1: 4c31d3862637ef40180be858223d2dc86dcf31d8SHA256: 1f5908d3c021af7640c7e27c1965ab8a06f3ec82528b23ee14a4127231fc1960Referenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath spring-boot-starter-freemarker-3.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-boot-starter-freemarker High Vendor gradle artifactid spring-boot-starter-freemarker Highest Vendor gradle groupid org.springframework.boot Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest automatic-module-name spring.boot.starter.freemarker Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest spring-boot-jar-type dependencies-starter Low Product file name spring-boot-starter-freemarker High Product gradle artifactid spring-boot-starter-freemarker Highest Product Manifest automatic-module-name spring.boot.starter.freemarker Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Starter for building MVC web applications using FreeMarker views High Product Manifest spring-boot-jar-type dependencies-starter Low Version file version 3.2.4 High Version Manifest Implementation-Version 3.2.4 High
spring-boot-starter-json-3.2.4.jar spring-boot-starter-logging-3.2.4.jar spring-boot-starter-reactor-netty-3.2.4.jar spring-boot-starter-security-3.2.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-starter-security/3.2.4/a1b9f09832c42c6c079be67bf3e7989c54a338ff/spring-boot-starter-security-3.2.4.jarMD5: 62c8356121104d8248c1175d5b2b7fa5SHA1: a1b9f09832c42c6c079be67bf3e7989c54a338ffSHA256: cfbbba6ded54aebc4d3ee4748e5a6370c2079b2692f2c50f1315dcbb326de74dReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-boot-starter-security-3.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-boot-starter-security High Vendor gradle artifactid spring-boot-starter-security Highest Vendor gradle groupid org.springframework.boot Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest automatic-module-name spring.boot.starter.security Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest spring-boot-jar-type dependencies-starter Low Product file name spring-boot-starter-security High Product gradle artifactid spring-boot-starter-security Highest Product Manifest automatic-module-name spring.boot.starter.security Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Starter for using Spring Security High Product Manifest spring-boot-jar-type dependencies-starter Low Version file version 3.2.4 High Version Manifest Implementation-Version 3.2.4 High
spring-boot-starter-test-3.2.4.jar spring-boot-starter-thymeleaf-3.2.4.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-starter-thymeleaf/3.2.4/db900acbd0bbeb7a8682fe6aeb477d17fe501ac1/spring-boot-starter-thymeleaf-3.2.4.jarMD5: e907a1df6b37fff2a6126eb4e893953eSHA1: db900acbd0bbeb7a8682fe6aeb477d17fe501ac1SHA256: 2ba33fc61463117a2654a36a4cdd86a5b33001058a3353a8b0f5bde8645dbb42Referenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-communications:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-communications:compileClasspath spring-boot-starter-thymeleaf-3.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-boot-starter-thymeleaf High Vendor gradle artifactid spring-boot-starter-thymeleaf Highest Vendor gradle groupid org.springframework.boot Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest automatic-module-name spring.boot.starter.thymeleaf Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest spring-boot-jar-type dependencies-starter Low Product file name spring-boot-starter-thymeleaf High Product gradle artifactid spring-boot-starter-thymeleaf Highest Product Manifest automatic-module-name spring.boot.starter.thymeleaf Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Starter for building MVC web applications using Thymeleaf views High Product Manifest spring-boot-jar-type dependencies-starter Low Version file version 3.2.4 High Version Manifest Implementation-Version 3.2.4 High
spring-boot-starter-tomcat-3.2.4.jar spring-boot-starter-validation-3.2.4.jar spring-boot-starter-web-3.2.4.jar spring-boot-starter-webflux-3.2.4.jar spring-boot-test-3.2.4.jar spring-boot-test-autoconfigure-3.2.4.jar spring-bridge-3.0.5.jarDescription:
HK2 Spring Bridge License:
http://www.eclipse.org/legal/epl-2.0, https://www.gnu.org/software/classpath/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.hk2/spring-bridge/3.0.5/efa5fcbfe4f5d610b8adbd8391329a127ae7d0ee/spring-bridge-3.0.5.jar
MD5: 14bbd24d499c3bb45848b8c309ea8c5c
SHA1: efa5fcbfe4f5d610b8adbd8391329a127ae7d0ee
SHA256: acf2318b4ebe4e01f1a4e3ff95b24f454e621af3dc6466809848c2244f3f7d37
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath spring-bridge-3.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-bridge High Vendor gradle artifactid spring-bridge Highest Vendor gradle groupid org.glassfish.hk2 Highest Vendor jar package name bridge Highest Vendor jar package name hk2 Highest Vendor jar package name spring Highest Vendor Manifest automatic-module-name org.glassfish.hk2.spring.bridge Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest bundle-symbolicname org.glassfish.hk2.spring-bridge Medium Vendor pom artifactid spring-bridge Low Vendor pom groupid org.glassfish.hk2 Highest Vendor pom name HK2 Spring Bridge High Vendor pom parent-artifactid hk2-parent Low Product file name spring-bridge High Product gradle artifactid spring-bridge Highest Product jar package name bridge Highest Product jar package name hk2 Highest Product jar package name spring Highest Product Manifest automatic-module-name org.glassfish.hk2.spring.bridge Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest Bundle-Name HK2 Spring Bridge Medium Product Manifest bundle-symbolicname org.glassfish.hk2.spring-bridge Medium Product pom artifactid spring-bridge Highest Product pom groupid org.glassfish.hk2 Highest Product pom name HK2 Spring Bridge High Product pom parent-artifactid hk2-parent Medium Version file version 3.0.5 High Version gradle version 3.0.5 Highest Version Manifest Bundle-Version 3.0.5 High Version pom version 3.0.5 Highest
spring-cloud-commons-4.1.0.jar spring-cloud-config-client-4.1.0.jarDescription:
This project is a Spring configuration client. License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-config-client/4.1.0/8cd0713ef875da182193399640c01a126133befc/spring-cloud-config-client-4.1.0.jar
MD5: 206106544fc2d53f7c9250a31f239be5
SHA1: 8cd0713ef875da182193399640c01a126133befc
SHA256: b723cfacba6ffe293385a628b2ae0f7de2628bf3d540703d42421dc4255f38d8
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-config-client-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-config@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-config-client High Vendor gradle artifactid spring-cloud-config-client Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name client Highest Vendor jar package name cloud Highest Vendor jar package name config Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-config-client Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Config Client High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-config Low Vendor pom url https://spring.io Highest Product file name spring-cloud-config-client High Product gradle artifactid spring-cloud-config-client Highest Product jar package name client Highest Product jar package name cloud Highest Product jar package name config Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Config Client High Product pom artifactid spring-cloud-config-client Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Config Client High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-config Medium Product pom url https://spring.io Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-config-server-4.1.0.jarDescription:
spring-cloud-config-server License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-config-server/4.1.0/bfa22da2ebbd59f52cc3d09e41dcb7d5100b8b4f/spring-cloud-config-server-4.1.0.jar
MD5: 6803dcaf5890e873dabd7ac65f820294
SHA1: bfa22da2ebbd59f52cc3d09e41dcb7d5100b8b4f
SHA256: db9fe4ad6267cac0b20b1c22b48219b05f894a27547f8a841f6b3094cd3d9425
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath spring-cloud-config-server-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-config-server High Vendor gradle artifactid spring-cloud-config-server Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name config Highest Vendor jar package name server Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-config-server Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name spring-cloud-config-server High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-config Low Vendor pom url https://projects.spring.io/spring-cloud/spring-cloud-config-server/ Highest Product file name spring-cloud-config-server High Product gradle artifactid spring-cloud-config-server Highest Product jar package name cloud Highest Product jar package name config Highest Product jar package name server Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title spring-cloud-config-server High Product pom artifactid spring-cloud-config-server Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name spring-cloud-config-server High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-config Medium Product pom url https://projects.spring.io/spring-cloud/spring-cloud-config-server/ Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-context-4.1.0.jar spring-cloud-gateway-server-4.1.0.jarDescription:
Spring Cloud Gateway Server License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-gateway-server/4.1.0/bd6c2462cd1d05181d8377e2a4d1bd4567f3aff8/spring-cloud-gateway-server-4.1.0.jar
MD5: 729e454556378bec5fe445deabb88657
SHA1: bd6c2462cd1d05181d8377e2a4d1bd4567f3aff8
SHA256: 68ea80a378ab432a5ba56df724d166017a34ae2375bc2c3535b26bf083127402
Referenced In Projects/Scopes: opencdx-gateway:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-gateway:runtimeClasspath spring-cloud-gateway-server-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-gateway@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-gateway-server High Vendor gradle artifactid spring-cloud-gateway-server Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name gateway Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-gateway-server Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id sgibb Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Gateway Server High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-gateway Low Vendor pom url https://spring.io/spring-cloud/spring-cloud-gateway/spring-cloud-gateway-server Highest Product file name spring-cloud-gateway-server High Product gradle artifactid spring-cloud-gateway-server Highest Product jar package name cloud Highest Product jar package name gateway Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Gateway Server High Product pom artifactid spring-cloud-gateway-server Highest Product pom developer email sgibb at pivotal.io Low Product pom developer id sgibb Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Gateway Server High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-gateway Medium Product pom url https://spring.io/spring-cloud/spring-cloud-gateway/spring-cloud-gateway-server Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-loadbalancer-4.1.0.jarDescription:
Spring Cloud Balancer License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-loadbalancer/4.1.0/a85c2102a320228b8d196a1bdacf9af06bb9e1dc/spring-cloud-loadbalancer-4.1.0.jar
MD5: 0e299d4fbcf929ea28fd7397b35fc338
SHA1: a85c2102a320228b8d196a1bdacf9af06bb9e1dc
SHA256: efd550933dfc9ab7fd1fb651f1e42bc3e0df446dc74fe80dd570461c5f99b21f
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-loadbalancer-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-loadbalancer High Vendor gradle artifactid spring-cloud-loadbalancer Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name loadbalancer Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-loadbalancer Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Load Balancer High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-commons-parent Low Vendor pom url https://projects.spring.io/spring-cloud/spring-cloud-loadbalancer/ Highest Product file name spring-cloud-loadbalancer High Product gradle artifactid spring-cloud-loadbalancer Highest Product jar package name cloud Highest Product jar package name loadbalancer Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Load Balancer High Product pom artifactid spring-cloud-loadbalancer Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Load Balancer High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-commons-parent Medium Product pom url https://projects.spring.io/spring-cloud/spring-cloud-loadbalancer/ Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-netflix-eureka-client-4.1.0.jarDescription:
Spring Cloud Netflix Eureka Client License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-netflix-eureka-client/4.1.0/4d04e44ab9cd3ec8ad9be3017328c623a356538b/spring-cloud-netflix-eureka-client-4.1.0.jar
MD5: 231fd7cfe41b527af4f2e0c33bdc2f70
SHA1: 4d04e44ab9cd3ec8ad9be3017328c623a356538b
SHA256: 63e0e6de8093279d46f4d29623fc938df3763cecd4bbed868acaadc7d8841afa
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-netflix-eureka-client-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-netflix-eureka-client High Vendor gradle artifactid spring-cloud-netflix-eureka-client Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name eureka Highest Vendor jar package name netflix Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-netflix-eureka-client Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Netflix Eureka Client High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-netflix Low Vendor pom url https://spring.io/spring-cloud/spring-cloud-netflix/spring-cloud-netflix-eureka-client Highest Product file name spring-cloud-netflix-eureka-client High Product gradle artifactid spring-cloud-netflix-eureka-client Highest Product jar package name cloud Highest Product jar package name eureka Highest Product jar package name netflix Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Netflix Eureka Client High Product pom artifactid spring-cloud-netflix-eureka-client Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Netflix Eureka Client High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-netflix Medium Product pom url https://spring.io/spring-cloud/spring-cloud-netflix/spring-cloud-netflix-eureka-client Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-netflix-eureka-server-4.1.0.jarDescription:
Spring Cloud Netflix License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-netflix-eureka-server/4.1.0/cc5749dfdf2f31e72709ff6ece0774f33c9bc95a/spring-cloud-netflix-eureka-server-4.1.0.jar
MD5: 9c91de061593c0c7d36fd18f41cfc4e0
SHA1: cc5749dfdf2f31e72709ff6ece0774f33c9bc95a
SHA256: 89d8ca73e70c303478af9bdb6ed06a7465d1357791270435f37ee2b0eb4b2378
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath spring-cloud-netflix-eureka-server-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-netflix-eureka-server High Vendor gradle artifactid spring-cloud-netflix-eureka-server Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name eureka Highest Vendor jar package name netflix Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-netflix-eureka-server Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Netflix Eureka Server High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-netflix Low Vendor pom url https://projects.spring.io/spring-cloud/ Highest Product file name spring-cloud-netflix-eureka-server High Product gradle artifactid spring-cloud-netflix-eureka-server Highest Product jar package name cloud Highest Product jar package name eureka Highest Product jar package name netflix Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Netflix Eureka Server High Product pom artifactid spring-cloud-netflix-eureka-server Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Netflix Eureka Server High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-netflix Medium Product pom url https://projects.spring.io/spring-cloud/ Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-netflix-eureka-server-4.1.0.jar: wro.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-netflix-eureka-server/4.1.0/cc5749dfdf2f31e72709ff6ece0774f33c9bc95a/spring-cloud-netflix-eureka-server-4.1.0.jar/static/eureka/js/wro.jsMD5: 7b0bffad4d08f627e66cfa2b73b77c23SHA1: e06254ae55b625fcae827589a7b7e3e9c85f64f1SHA256: 017f59a40083b9a4a514e729379d8748bca72bd81458d4b92a71e9056d517cddReferenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath Evidence Type Source Name Value Confidence
spring-cloud-openfeign-core-4.1.0.jarDescription:
Spring Cloud OpenFeign Core License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-openfeign-core/4.1.0/a8d8db55ffddb83ce8a8e3b2da115e7793c75f61/spring-cloud-openfeign-core-4.1.0.jar
MD5: 3433b10319296c66360c38f5deacf083
SHA1: a8d8db55ffddb83ce8a8e3b2da115e7793c75f61
SHA256: a2d44a976e02eb1088e8d04efdd7e39781611ac6b9f715e7cb7fe961d24a95ce
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-openfeign-core-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-openfeign@4.1.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-openfeign-core High Vendor gradle artifactid spring-cloud-openfeign-core Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cloud Highest Vendor jar package name openfeign Highest Vendor jar package name springframework Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-openfeign-core Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud OpenFeign Core High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-openfeign Low Vendor pom url https://spring.io/spring-cloud/spring-cloud-openfeign/spring-cloud-openfeign-core Highest Product file name spring-cloud-openfeign-core High Product gradle artifactid spring-cloud-openfeign-core Highest Product jar package name cloud Highest Product jar package name openfeign Highest Product jar package name springframework Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud OpenFeign Core High Product pom artifactid spring-cloud-openfeign-core Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud OpenFeign Core High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-openfeign Medium Product pom url https://spring.io/spring-cloud/spring-cloud-openfeign/spring-cloud-openfeign-core Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-4.1.0.jar spring-cloud-starter-config-4.1.0.jarDescription:
Spring Cloud Starter License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-config/4.1.0/728c5582b0e142d8bd61d9fc82904e45b8544569/spring-cloud-starter-config-4.1.0.jar
MD5: d5c3e46a4ebca3755561df04950c7285
SHA1: 728c5582b0e142d8bd61d9fc82904e45b8544569
SHA256: 1136885832552c454c8c52ed72a7c91741c0e466120c7bcf55d11d14b90e7c85
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-starter-config-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-config High Vendor gradle artifactid spring-cloud-starter-config Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-config Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name spring-cloud-starter-config High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-config Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-config High Product gradle artifactid spring-cloud-starter-config Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title spring-cloud-starter-config High Product pom artifactid spring-cloud-starter-config Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name spring-cloud-starter-config High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-config Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-gateway-4.1.0.jarDescription:
Spring Cloud Starter License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-gateway/4.1.0/78c032b4fcacd067e74a65da744bf68fda32d5a2/spring-cloud-starter-gateway-4.1.0.jar
MD5: ce3b8fbe1b94e3653537ba55985449ec
SHA1: 78c032b4fcacd067e74a65da744bf68fda32d5a2
SHA256: 6e6c47b51203c423d4e82eda69a43c0d127312e66f51edb180017a933441b2ac
Referenced In Projects/Scopes: opencdx-gateway:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-gateway:runtimeClasspath spring-cloud-starter-gateway-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-gateway High Vendor gradle artifactid spring-cloud-starter-gateway Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-gateway Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id sgibb Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name spring-cloud-starter-gateway High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-gateway Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-gateway High Product gradle artifactid spring-cloud-starter-gateway Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title spring-cloud-starter-gateway High Product pom artifactid spring-cloud-starter-gateway Highest Product pom developer email sgibb at pivotal.io Low Product pom developer id sgibb Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name spring-cloud-starter-gateway High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-gateway Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-loadbalancer-4.1.0.jarDescription:
Spring Cloud Starter LoadBalancer License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-loadbalancer/4.1.0/7171ee414a7832fc7bfbfa5c69dcb035b3bec3d2/spring-cloud-starter-loadbalancer-4.1.0.jar
MD5: f593265197b488a4601c991fa28c76c3
SHA1: 7171ee414a7832fc7bfbfa5c69dcb035b3bec3d2
SHA256: 51a6b8d4373dbd1c46dda27062e26c68634c58f8ffb5b0a462e5e45572f2597b
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-starter-loadbalancer-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-loadbalancer High Vendor gradle artifactid spring-cloud-starter-loadbalancer Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-loadbalancer Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name spring-cloud-starter-loadbalancer High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-commons-parent Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-loadbalancer High Product gradle artifactid spring-cloud-starter-loadbalancer Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title spring-cloud-starter-loadbalancer High Product pom artifactid spring-cloud-starter-loadbalancer Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name spring-cloud-starter-loadbalancer High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-commons-parent Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-netflix-eureka-client-4.1.0.jarDescription:
Spring Cloud Starter Netflix Eureka Client License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client/4.1.0/66077e7c4198db4c351391dd2e96399cff857f47/spring-cloud-starter-netflix-eureka-client-4.1.0.jar
MD5: 98bb52239decbde5432371e1b6a13f18
SHA1: 66077e7c4198db4c351391dd2e96399cff857f47
SHA256: dd0143903122d9a0cf94186c8f23c1532803aeca13f96a66b4c81350ebdcf4a7
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-starter-netflix-eureka-client-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-admin@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-gateway@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-netflix-eureka-client High Vendor gradle artifactid spring-cloud-starter-netflix-eureka-client Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-netflix-eureka-client Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Starter Netflix Eureka Client High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-netflix Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-netflix-eureka-client High Product gradle artifactid spring-cloud-starter-netflix-eureka-client Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Starter Netflix Eureka Client High Product pom artifactid spring-cloud-starter-netflix-eureka-client Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Starter Netflix Eureka Client High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-netflix Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-netflix-eureka-server-4.1.0.jarDescription:
Spring Cloud Starter Netflix Eureka Server License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server/4.1.0/b2d66e39eab46f92bd54e3dd1c6a4b8eb165ce/spring-cloud-starter-netflix-eureka-server-4.1.0.jar
MD5: 3d6c4f56035e7e5cdf76caedd1341f97
SHA1: 00b2d66e39eab46f92bd54e3dd1c6a4b8eb165ce
SHA256: 900f56f6049ce8b00794e47fe2199c191666d655a9572a3a86077c6aa9d1f71d
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath spring-cloud-starter-netflix-eureka-server-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-discovery@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-netflix-eureka-server High Vendor gradle artifactid spring-cloud-starter-netflix-eureka-server Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-netflix-eureka-server Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Starter Netflix Eureka Server High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-netflix Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-netflix-eureka-server High Product gradle artifactid spring-cloud-starter-netflix-eureka-server Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Starter Netflix Eureka Server High Product pom artifactid spring-cloud-starter-netflix-eureka-server Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Starter Netflix Eureka Server High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-netflix Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-cloud-starter-openfeign-4.1.0.jarDescription:
Spring Cloud Starter OpenFeign License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.cloud/spring-cloud-starter-openfeign/4.1.0/1ec867ae2e6f9f0bf06b8b65bc79df0b7573f7a3/spring-cloud-starter-openfeign-4.1.0.jar
MD5: a3b2fd10302bd06c2fe954821fb16165
SHA1: 1ec867ae2e6f9f0bf06b8b65bc79df0b7573f7a3
SHA256: 3967b15f078accd1f876bdecba3150e3f58d9ef16fbf8a1f353c89b42a9c14e0
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-audit:runtimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-cloud-starter-openfeign-4.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-config@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-cloud-starter-openfeign High Vendor gradle artifactid spring-cloud-starter-openfeign Highest Vendor gradle groupid org.springframework.cloud Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Pivotal Software, Inc. High Vendor pom artifactid spring-cloud-starter-openfeign Low Vendor pom developer email dsyer at pivotal.io Low Vendor pom developer email mgrzejszczak at pivotal.io Low Vendor pom developer email omaciaszeksharma at pivotal.io Low Vendor pom developer email rbaxter at pivotal.io Low Vendor pom developer email sgibb at pivotal.io Low Vendor pom developer id dsyer Medium Vendor pom developer id mgrzejszczak Medium Vendor pom developer id omaciaszeksharma Medium Vendor pom developer id rbaxter Medium Vendor pom developer id sgibb Medium Vendor pom developer name Dave Syer Medium Vendor pom developer name Marcin Grzejszczak Medium Vendor pom developer name Olga Maciaszek-Sharma Medium Vendor pom developer name Ryan Baxter Medium Vendor pom developer name Spencer Gibb Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.cloud Highest Vendor pom name Spring Cloud Starter OpenFeign High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://www.spring.io Medium Vendor pom parent-artifactid spring-cloud-openfeign Low Vendor pom url https://projects.spring.io/spring-cloud Highest Product file name spring-cloud-starter-openfeign High Product gradle artifactid spring-cloud-starter-openfeign Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Cloud Starter OpenFeign High Product pom artifactid spring-cloud-starter-openfeign Highest Product pom developer email dsyer at pivotal.io Low Product pom developer email mgrzejszczak at pivotal.io Low Product pom developer email omaciaszeksharma at pivotal.io Low Product pom developer email rbaxter at pivotal.io Low Product pom developer email sgibb at pivotal.io Low Product pom developer id dsyer Low Product pom developer id mgrzejszczak Low Product pom developer id omaciaszeksharma Low Product pom developer id rbaxter Low Product pom developer id sgibb Low Product pom developer name Dave Syer Low Product pom developer name Marcin Grzejszczak Low Product pom developer name Olga Maciaszek-Sharma Low Product pom developer name Ryan Baxter Low Product pom developer name Spencer Gibb Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.cloud Highest Product pom name Spring Cloud Starter OpenFeign High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://www.spring.io Low Product pom parent-artifactid spring-cloud-openfeign Medium Product pom url https://projects.spring.io/spring-cloud Medium Version file version 4.1.0 High Version gradle version 4.1.0 Highest Version Manifest Implementation-Version 4.1.0 High Version pom version 4.1.0 Highest
spring-context-6.1.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework/spring-context/6.1.2/15df19852991220556b4462a366269b8e15278eb/spring-context-6.1.2.jarMD5: ca23d3013c2afc6d3b30b993f3c5cd69SHA1: 15df19852991220556b4462a366269b8e15278ebSHA256: af22a435469956415bbee873de6c05995ef12f2d29622abf510a94581ea52de2Referenced In Projects/Scopes:
opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath spring-context-6.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.2.4 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.2.4 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework/spring-context-support@6.1.2 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-validation@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-test@3.2.4 pkg:maven/io.nats/nats-spring@0.5.7 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/io.github.lognet/grpc-spring-boot-starter@5.1.4 Evidence Type Source Name Value Confidence Vendor file name spring-context High Vendor gradle artifactid spring-context Highest Vendor gradle groupid org.springframework Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name context Highest Vendor jar package name springframework Low Vendor Manifest automatic-module-name spring.context Medium Product file name spring-context High Product gradle artifactid spring-context Highest Product jar package name context Highest Product Manifest automatic-module-name spring.context Medium Product Manifest Implementation-Title spring-context High Version file version 6.1.2 High Version Manifest Implementation-Version 6.1.2 High
CVE-2024-22233 suppress
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC
* Spring Security 6.1.6+ or 6.2.1+ is on the classpath
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web��and org.springframework.boot:spring-boot-starter-security��dependencies to meet all conditions.
NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
spring-context-6.1.5.jar spring-context-support-6.1.2.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework/spring-context-support/6.1.2/ca7a86d2b96b0faa2674d98eb91875bd634390b2/spring-context-support-6.1.2.jarMD5: cd4cf1acd32b88f91fe8b64f758aec6dSHA1: ca7a86d2b96b0faa2674d98eb91875bd634390b2SHA256: c678304f4fb6501165383f477d78f1db7642a08156b13d9c83b9d17d67d0efd1Referenced In Projects/Scopes:
opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath spring-context-support-6.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-cache@3.2.4 Evidence Type Source Name Value Confidence Vendor file name spring-context-support High Vendor gradle artifactid spring-context-support Highest Vendor gradle groupid org.springframework Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name cache Low Vendor jar package name springframework Low Vendor Manifest automatic-module-name spring.context.support Medium Product file name spring-context-support High Product gradle artifactid spring-context-support Highest Product jar package name cache Low Product Manifest automatic-module-name spring.context.support Medium Product Manifest Implementation-Title spring-context-support High Version file version 6.1.2 High Version Manifest Implementation-Version 6.1.2 High
CVE-2024-22233 suppress
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC
* Spring Security 6.1.6+ or 6.2.1+ is on the classpath
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web��and org.springframework.boot:spring-boot-starter-security��dependencies to meet all conditions.
NVD-CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
spring-context-support-6.1.5.jar spring-core-6.1.5.jar spring-data-commons-3.2.4.jarDescription:
Core Spring concepts underpinning every Spring Data module. File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.data/spring-data-commons/3.2.4/c934470822afb9f0751915b229d6fe28ff5e1ac2/spring-data-commons-3.2.4.jarMD5: 4d7df6ee89d43c3c324b11528d01809aSHA1: c934470822afb9f0751915b229d6fe28ff5e1ac2SHA256: 35d95442ab476e46d9ac4d60074f9b9c30b18c106fd1ec71d1d68c00d8080f6dReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-data-commons-3.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-data-commons High Vendor gradle artifactid spring-data-commons Highest Vendor gradle groupid org.springframework.data Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name data Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.data.commons Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid spring-data-commons Low Vendor pom groupid org.springframework.data Highest Vendor pom name Spring Data Core High Vendor pom parent-artifactid spring-data-parent Low Vendor pom parent-groupid org.springframework.data.build Medium Vendor pom url https://spring.io/projects/spring-data Highest Product file name spring-data-commons High Product gradle artifactid spring-data-commons Highest Product jar package name core Highest Product jar package name data Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.data.commons Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Data Core High Product pom artifactid spring-data-commons Highest Product pom groupid org.springframework.data Highest Product pom name Spring Data Core High Product pom parent-artifactid spring-data-parent Medium Product pom parent-groupid org.springframework.data.build Medium Product pom url https://spring.io/projects/spring-data Medium Version file version 3.2.4 High Version gradle version 3.2.4 Highest Version Manifest Implementation-Version 3.2.4 High Version pom version 3.2.4 Highest
spring-data-mongodb-4.2.4.jarDescription:
MongoDB support for Spring Data File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.data/spring-data-mongodb/4.2.4/8a781d43a43f7d63c3e4a1f9cf259788a7349394/spring-data-mongodb-4.2.4.jarMD5: b3975ffad9195f3c38c190c2468e01e9SHA1: 8a781d43a43f7d63c3e4a1f9cf259788a7349394SHA256: 7bba68d892de275214a3e83db7fd16dc75b409ef67f00663cb46e60caf3db587Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-data-mongodb-4.2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-data-mongodb High Vendor gradle artifactid spring-data-mongodb Highest Vendor gradle groupid org.springframework.data Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name data Highest Vendor jar package name mongodb Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.data.mongodb Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid spring-data-mongodb Low Vendor pom groupid org.springframework.data Highest Vendor pom name Spring Data MongoDB - Core High Vendor pom parent-artifactid spring-data-mongodb-parent Low Product file name spring-data-mongodb High Product gradle artifactid spring-data-mongodb Highest Product jar package name core Highest Product jar package name data Highest Product jar package name mongodb Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.data.mongodb Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Data MongoDB - Core High Product pom artifactid spring-data-mongodb Highest Product pom groupid org.springframework.data Highest Product pom name Spring Data MongoDB - Core High Product pom parent-artifactid spring-data-mongodb-parent Medium Version file version 4.2.4 High Version gradle version 4.2.4 Highest Version Manifest Implementation-Version 4.2.4 High Version pom version 4.2.4 Highest
spring-expression-6.1.5.jar spring-jcl-6.1.5.jar spring-security-config-6.2.3.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-config/6.2.3/281d0393358b963147b5499789ad211f7362d460/spring-security-config-6.2.3.jarMD5: ad8d3d4ff706929cbb1f138f75df83c8SHA1: 281d0393358b963147b5499789ad211f7362d460SHA256: 0e0756787d112beb9fc6b038e6ca8ac09f1f1791e7d4167ba7e77b0bd8ccb595Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-security-config-6.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-security-config High Vendor gradle artifactid spring-security-config Highest Vendor gradle groupid org.springframework.security Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name config Highest Vendor jar package name config Low Vendor jar package name security Highest Vendor jar package name security Low Vendor jar package name springframework Low Vendor Manifest automatic-module-name spring.security.config Medium Product file name spring-security-config High Product gradle artifactid spring-security-config Highest Product jar package name annotation Low Product jar package name config Highest Product jar package name config Low Product jar package name security Highest Product jar package name security Low Product Manifest automatic-module-name spring.security.config Medium Product Manifest Implementation-Title spring-security-config High Version file version 6.2.3 High Version Manifest Implementation-Version 6.2.3 High
spring-security-core-6.2.3.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/6.2.3/52f2751381dcfad2c8cd2bfb4c7ca7b1adf2ea5e/spring-security-core-6.2.3.jarMD5: ac447b05a56b3ba56f12b6cc33ce90ceSHA1: 52f2751381dcfad2c8cd2bfb4c7ca7b1adf2ea5eSHA256: 2bfe7379f4a993a9670ab9f595dce10cd0f1d8aa44d36935006fae2fc6fbae8eReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-security-core-6.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-security-core High Vendor gradle artifactid spring-security-core Highest Vendor gradle groupid org.springframework.security Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name security Highest Vendor jar package name security Low Vendor jar package name springframework Low Vendor Manifest automatic-module-name spring.security.core Medium Product file name spring-security-core High Product gradle artifactid spring-security-core Highest Product jar package name core Highest Product jar package name security Highest Product jar package name security Low Product Manifest automatic-module-name spring.security.core Medium Product Manifest Implementation-Title spring-security-core High Version file version 6.2.3 High Version Manifest Implementation-Version 6.2.3 High
spring-security-crypto-6.2.3.jar spring-security-rsa-1.1.1.jar spring-security-web-6.2.3.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/6.2.3/d560c082805438b749e4e9267916ca7f1f0a430d/spring-security-web-6.2.3.jarMD5: 216d27e8e268c0598e3934264d068e87SHA1: d560c082805438b749e4e9267916ca7f1f0a430dSHA256: 8e7e2f4a4ecb8c0c078ccaf640a2aac7273860954a0a988b1fad167d637a2788Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath spring-security-web-6.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-security@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name spring-security-web High Vendor gradle artifactid spring-security-web Highest Vendor gradle groupid org.springframework.security Highest Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name security Highest Vendor jar package name security Low Vendor jar package name springframework Low Vendor jar package name web Highest Vendor jar package name web Low Vendor Manifest automatic-module-name spring.security.web Medium Product file name spring-security-web High Product gradle artifactid spring-security-web Highest Product jar package name security Highest Product jar package name security Low Product jar package name web Highest Product jar package name web Low Product Manifest automatic-module-name spring.security.web Medium Product Manifest Implementation-Title spring-security-web High Version file version 6.2.3 High Version Manifest Implementation-Version 6.2.3 High
spring-test-6.1.5.jar spring-tx-6.1.5.jar spring-web-6.1.5.jar spring-webflux-6.1.5.jar spring-webmvc-6.1.5.jar springdoc-openapi-starter-common-2.4.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springdoc/springdoc-openapi-starter-common/2.4.0/172162fa1fe3d1b42fa13f325a8cdfd32b2538c8/springdoc-openapi-starter-common-2.4.0.jarMD5: d451e03e58250215171362cddd555affSHA1: 172162fa1fe3d1b42fa13f325a8cdfd32b2538c8SHA256: f427f6eacca835b42cadf4aeab4ce4f304a1b86469534c7f615ff6b33a6ab531Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath springdoc-openapi-starter-common-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name springdoc-openapi-starter-common High Vendor gradle artifactid springdoc-openapi-starter-common Highest Vendor gradle groupid org.springdoc Highest Vendor jar package name springdoc Highest Vendor Manifest automatic-module-name org.springdoc.openapi.common Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid springdoc-openapi-starter-common Low Vendor pom groupid org.springdoc Highest Vendor pom parent-artifactid springdoc-openapi Low Product file name springdoc-openapi-starter-common High Product gradle artifactid springdoc-openapi-starter-common Highest Product jar package name springdoc Highest Product Manifest automatic-module-name org.springdoc.openapi.common Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title springdoc-openapi-starter-common High Product pom artifactid springdoc-openapi-starter-common Highest Product pom groupid org.springdoc Highest Product pom parent-artifactid springdoc-openapi Medium Version file version 2.4.0 High Version gradle version 2.4.0 Highest Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
springdoc-openapi-starter-webmvc-api-2.4.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springdoc/springdoc-openapi-starter-webmvc-api/2.4.0/84132fbe0f6c31fc56dda21e3f6f797be954e1b9/springdoc-openapi-starter-webmvc-api-2.4.0.jarMD5: de5af8a67b578e29af1d3856e0f45ac1SHA1: 84132fbe0f6c31fc56dda21e3f6f797be954e1b9SHA256: beea691ff64627deb2c3fa1f2c8e4444120303498da154fa1e0993af8c280ba4Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath springdoc-openapi-starter-webmvc-api-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name springdoc-openapi-starter-webmvc-api High Vendor gradle artifactid springdoc-openapi-starter-webmvc-api Highest Vendor gradle groupid org.springdoc Highest Vendor jar package name core Highest Vendor jar package name springdoc Highest Vendor jar package name webmvc Highest Vendor Manifest automatic-module-name org.springdoc.openapi.webmvc.core Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid springdoc-openapi-starter-webmvc-api Low Vendor pom groupid org.springdoc Highest Vendor pom parent-artifactid springdoc-openapi Low Product file name springdoc-openapi-starter-webmvc-api High Product gradle artifactid springdoc-openapi-starter-webmvc-api Highest Product jar package name core Highest Product jar package name springdoc Highest Product jar package name webmvc Highest Product Manifest automatic-module-name org.springdoc.openapi.webmvc.core Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title springdoc-openapi-starter-webmvc-api High Product pom artifactid springdoc-openapi-starter-webmvc-api Highest Product pom groupid org.springdoc Highest Product pom parent-artifactid springdoc-openapi Medium Version file version 2.4.0 High Version gradle version 2.4.0 Highest Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
springdoc-openapi-starter-webmvc-ui-2.4.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.4.0/d6abbf5af2d08100f9262e4b580a6849258d5e94/springdoc-openapi-starter-webmvc-ui-2.4.0.jarMD5: e558d837ac02eb83508399b6498763adSHA1: d6abbf5af2d08100f9262e4b580a6849258d5e94SHA256: 681e2284346bbfd872a583cae54224d7055da8c81320167a0d09765dfc8b835cReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath springdoc-openapi-starter-webmvc-ui-2.4.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-iam@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-logistics@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-tinkar@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-audit@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-health@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-questionnaire@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-communications@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-helloworld@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-media@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name springdoc-openapi-starter-webmvc-ui High Vendor gradle artifactid springdoc-openapi-starter-webmvc-ui Highest Vendor gradle groupid org.springdoc Highest Vendor jar package name springdoc Highest Vendor jar package name ui Highest Vendor jar package name webmvc Highest Vendor Manifest automatic-module-name org.springdoc.openapi.ui Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid springdoc-openapi-starter-webmvc-ui Low Vendor pom groupid org.springdoc Highest Vendor pom parent-artifactid springdoc-openapi Low Product file name springdoc-openapi-starter-webmvc-ui High Product gradle artifactid springdoc-openapi-starter-webmvc-ui Highest Product jar package name springdoc Highest Product jar package name ui Highest Product jar package name webmvc Highest Product Manifest automatic-module-name org.springdoc.openapi.ui Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title springdoc-openapi-starter-webmvc-ui High Product pom artifactid springdoc-openapi-starter-webmvc-ui Highest Product pom groupid org.springdoc Highest Product pom parent-artifactid springdoc-openapi Medium Version file version 2.4.0 High Version gradle version 2.4.0 Highest Version Manifest Implementation-Version 2.4.0 High Version pom version 2.4.0 Highest
sshd-osgi-2.10.0.jarDescription:
The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-osgi/2.10.0/3677ac1da780b7bdb682da50b762d79ea0d940d/sshd-osgi-2.10.0.jar
MD5: d3ba3fa461e32dbd8d00993b570c90e5
SHA1: 03677ac1da780b7bdb682da50b762d79ea0d940d
SHA256: 90c50ae43863e577b5a908abee1ba02b1baa86305eeb602abbad821518cb1725
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath sshd-osgi-2.10.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name sshd-osgi High Vendor gradle artifactid sshd-osgi Highest Vendor gradle groupid org.apache.sshd Highest Vendor jar package name apache Highest Vendor jar package name sshd Highest Vendor Manifest automatic-module-name org.apache.sshd.osgi Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.sshd.osgi Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.8 Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid sshd-osgi Low Vendor pom groupid org.apache.sshd Highest Vendor pom name Apache Mina SSHD :: OSGi High Vendor pom parent-artifactid sshd Low Product file name sshd-osgi High Product gradle artifactid sshd-osgi Highest Product jar package name apache Highest Product jar package name server Highest Product jar package name sshd Highest Product Manifest automatic-module-name org.apache.sshd.osgi Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Mina SSHD :: OSGi Medium Product Manifest bundle-symbolicname org.apache.sshd.osgi Medium Product Manifest Implementation-Title Apache Mina SSHD :: OSGi High Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.8 Low Product Manifest specification-title Apache Mina SSHD :: OSGi Medium Product pom artifactid sshd-osgi Highest Product pom groupid org.apache.sshd Highest Product pom name Apache Mina SSHD :: OSGi High Product pom parent-artifactid sshd Medium Version file version 2.10.0 High Version gradle version 2.10.0 Highest Version Manifest Bundle-Version 2.10.0 High Version Manifest Implementation-Version 2.10.0 High Version pom version 2.10.0 Highest
CVE-2023-48795 suppress
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. CWE-354 Improper Validation of Integrity Check Value
CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:2.2/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,MITIGATION cve@mitre.org - MAILING_LIST,MITIGATION cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MITIGATION cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRODUCT cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
sshd-sftp-2.10.0.jarDescription:
The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users. License:
https://www.apache.org/licenses/LICENSE-2.0 File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-sftp/2.10.0/88707339ac0693d48df0ec1bafb84c78d792ed08/sshd-sftp-2.10.0.jar
MD5: 86b6dfc7e97eae2ad56e7e5e840521ce
SHA1: 88707339ac0693d48df0ec1bafb84c78d792ed08
SHA256: af28d7d059eeeac3080a58d98bc75d23186cead52b9aa7c92763c2ee7b966a4c
Referenced In Projects/Scopes: opencdx-config:compileClasspath opencdx-config:runtimeClasspath opencdx-config:productionRuntimeClasspath sshd-sftp-2.10.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name sshd-sftp High Vendor gradle artifactid sshd-sftp Highest Vendor gradle groupid org.apache.sshd Highest Vendor jar package name apache Highest Vendor jar package name sftp Highest Vendor jar package name sshd Highest Vendor Manifest automatic-module-name org.apache.sshd.sftp Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.sshd.sftp Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid sshd-sftp Low Vendor pom groupid org.apache.sshd Highest Vendor pom name Apache Mina SSHD :: SFTP High Vendor pom parent-artifactid sshd Low Product file name sshd-sftp High Product gradle artifactid sshd-sftp Highest Product jar package name apache Highest Product jar package name server Highest Product jar package name sftp Highest Product jar package name sshd Highest Product Manifest automatic-module-name org.apache.sshd.sftp Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Mina SSHD :: SFTP Medium Product Manifest bundle-symbolicname org.apache.sshd.sftp Medium Product Manifest Implementation-Title Apache Mina SSHD :: SFTP High Product Manifest specification-title Apache Mina SSHD :: SFTP Medium Product pom artifactid sshd-sftp Highest Product pom groupid org.apache.sshd Highest Product pom name Apache Mina SSHD :: SFTP High Product pom parent-artifactid sshd Medium Version file version 2.10.0 High Version gradle version 2.10.0 Highest Version Manifest Bundle-Version 2.10.0 High Version Manifest Implementation-Version 2.10.0 High Version pom version 2.10.0 Highest
CVE-2023-48795 suppress
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. CWE-354 Improper Validation of Integrity Check Value
CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:2.2/RC:R/MAV:A References:
cve@mitre.org - EXPLOIT cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - ISSUE_TRACKING cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST cve@mitre.org - MAILING_LIST,MITIGATION cve@mitre.org - MAILING_LIST,MITIGATION cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MAILING_LIST,THIRD_PARTY_ADVISORY cve@mitre.org - MITIGATION cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PATCH cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRESS/MEDIA_COVERAGE cve@mitre.org - PRODUCT cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - RELEASE_NOTES cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY cve@mitre.org - THIRD_PARTY_ADVISORY,VDB_ENTRY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY cve@mitre.org - VENDOR_ADVISORY Vulnerable Software & Versions: (show all )
stax2-api-4.2.1.jarDescription:
tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.php File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.codehaus.woodstox/stax2-api/4.2.1/a3f7325c52240418c2ba257b103c3c550e140c83/stax2-api-4.2.1.jar
MD5: af8377bc7882332e22456616a9f164f6
SHA1: a3f7325c52240418c2ba257b103c3c550e140c83
SHA256: 678567e48b51a42c65c699f266539ad3d676d4b1a5b0ad7d89ece8b9d5772579
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath stax2-api-4.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name stax2-api High Vendor gradle artifactid stax2-api Highest Vendor gradle groupid org.codehaus.woodstox Highest Vendor jar package name codehaus Highest Vendor jar package name stax2 Highest Vendor jar package name typed Highest Vendor jar package name validation Highest Vendor Manifest automatic-module-name org.codehaus.stax2 Medium Vendor Manifest bundle-docurl http://github.com/FasterXML/stax2-api Low Vendor Manifest bundle-symbolicname stax2-api Medium Vendor Manifest implementation-build-date 2020-05-14 04:15:18+0000 Low Vendor Manifest Implementation-Vendor fasterxml.com High Vendor Manifest Implementation-Vendor-Id org.codehaus.woodstox Medium Vendor Manifest specification-vendor fasterxml.com Low Vendor pom artifactid stax2-api Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id tatu Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid org.codehaus.woodstox Highest Vendor pom name Stax2 API High Vendor pom organization name fasterxml.com High Vendor pom organization url http://fasterxml.com Medium Vendor pom parent-artifactid oss-parent Low Vendor pom parent-groupid com.fasterxml Medium Vendor pom url http://github.com/FasterXML/stax2-api Highest Product file name stax2-api High Product gradle artifactid stax2-api Highest Product jar package name codehaus Highest Product jar package name stax2 Highest Product jar package name typed Highest Product jar package name validation Highest Product Manifest automatic-module-name org.codehaus.stax2 Medium Product Manifest bundle-docurl http://github.com/FasterXML/stax2-api Low Product Manifest Bundle-Name Stax2 API Medium Product Manifest bundle-symbolicname stax2-api Medium Product Manifest implementation-build-date 2020-05-14 04:15:18+0000 Low Product Manifest Implementation-Title Stax2 API High Product Manifest specification-title Stax2 API Medium Product pom artifactid stax2-api Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id tatu Low Product pom developer name Tatu Saloranta Low Product pom groupid org.codehaus.woodstox Highest Product pom name Stax2 API High Product pom organization name fasterxml.com Low Product pom organization url http://fasterxml.com Low Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom url http://github.com/FasterXML/stax2-api Medium Version file version 4.2.1 High Version gradle version 4.2.1 Highest Version Manifest Bundle-Version 4.2.1 High Version Manifest Implementation-Version 4.2.1 High Version pom parent-version 4.2.1 Low Version pom version 4.2.1 Highest
stringtemplate-3.2.1.jarDescription:
StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.
StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization.
It evolved over years of effort developing jGuru.com.
StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic
is that unlike other engines, it strictly enforces model-view separation.
Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.
There are currently about 600 StringTemplate source downloads a month.
License:
BSD licence: http://antlr.org/license.html File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.antlr/stringtemplate/3.2.1/59ec8083721eae215c6f3caee944c410d2be34de/stringtemplate-3.2.1.jar
MD5: b58ca53e518a92a1991eb63b61917582
SHA1: 59ec8083721eae215c6f3caee944c410d2be34de
SHA256: f66ce72e965e5301cb0f020e54d2ba6ad76feb91b3cbfc30dbbf00c06a6df6d7
Referenced In Projects/Scopes: opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-config:runtimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath stringtemplate-3.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name stringtemplate High Vendor gradle artifactid stringtemplate Highest Vendor gradle groupid org.antlr Highest Vendor jar package name antlr Highest Vendor jar package name antlr Low Vendor jar package name language Low Vendor jar package name stringtemplate Highest Vendor jar package name stringtemplate Low Vendor pom artifactid stringtemplate Low Vendor pom developer email jimi@temporal-wave.com Low Vendor pom developer email parrt@antlr.org Low Vendor pom developer name Jim Idle Medium Vendor pom developer name Terence Parr Medium Vendor pom developer org Temporal Wave LLC Medium Vendor pom developer org USFCA Medium Vendor pom developer org URL http://www.cs.usfca.edu Medium Vendor pom developer org URL http://www.temporal-wave.com Medium Vendor pom groupid org.antlr Highest Vendor pom name ANTLR StringTemplate High Vendor pom url http://www.stringtemplate.org Highest Product file name stringtemplate High Product gradle artifactid stringtemplate Highest Product jar package name antlr Highest Product jar package name language Low Product jar package name stringtemplate Highest Product jar package name stringtemplate Low Product pom artifactid stringtemplate Highest Product pom developer email jimi@temporal-wave.com Low Product pom developer email parrt@antlr.org Low Product pom developer name Jim Idle Low Product pom developer name Terence Parr Low Product pom developer org Temporal Wave LLC Low Product pom developer org USFCA Low Product pom developer org URL http://www.cs.usfca.edu Low Product pom developer org URL http://www.temporal-wave.com Low Product pom groupid org.antlr Highest Product pom name ANTLR StringTemplate High Product pom url http://www.stringtemplate.org Medium Version file version 3.2.1 High Version gradle version 3.2.1 Highest Version pom version 3.2.1 Highest
swagger-annotations-jakarta-2.2.19.jarDescription:
swagger-annotations License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-annotations-jakarta/2.2.19/c180d87c78d367771bbd954ebceba1b6c576fb52/swagger-annotations-jakarta-2.2.19.jar
MD5: 4b1320c4f5045ceb958793d4521be2f8
SHA1: c180d87c78d367771bbd954ebceba1b6c576fb52
SHA256: 26379dd7123ea64083de33378fc9451efb7785a27f436834ed651d6d0337e7b6
Referenced In Projects/Scopes: opencdx-commons:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath swagger-annotations-jakarta-2.2.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 Evidence Type Source Name Value Confidence Vendor file name swagger-annotations-jakarta High Vendor gradle artifactid swagger-annotations-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name io Highest Vendor jar package name oas Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.oas.annotations Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-annotations.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Vendor pom artifactid swagger-annotations Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-annotations High Vendor pom parent-artifactid swagger-project Low Product file name swagger-annotations-jakarta High Product gradle artifactid swagger-annotations-jakarta Highest Product jar package name io Highest Product jar package name oas Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.oas.annotations Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Product Manifest Bundle-Name swagger-annotations Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-annotations.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Product pom artifactid swagger-annotations Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-annotations High Product pom parent-artifactid swagger-project Medium Version file version 2.2.19 High Version gradle version 2.2.19 Highest Version Manifest Bundle-Version 2.2.19 High Version Manifest implementation-version 2.2.19 High Version pom version 2.2.19 Highest
swagger-annotations-jakarta-2.2.20.jarDescription:
swagger-annotations-jakarta License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-annotations-jakarta/2.2.20/2a443bf02ad9df9b1d22e26435f7091fc622e60d/swagger-annotations-jakarta-2.2.20.jar
MD5: 2322b0b4ef302d01e888f92938f54a6b
SHA1: 2a443bf02ad9df9b1d22e26435f7091fc622e60d
SHA256: 00ec81c1261a1aa93b48a11e0da6dd74e3ec9bc7eeea2ec7252f4caeb0c96742
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath swagger-annotations-jakarta-2.2.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name swagger-annotations-jakarta High Vendor gradle artifactid swagger-annotations-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name io Highest Vendor jar package name oas Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.oas.annotations Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-annotations.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Vendor pom artifactid swagger-annotations-jakarta Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-annotations-jakarta High Vendor pom parent-artifactid swagger-project-jakarta Low Product file name swagger-annotations-jakarta High Product gradle artifactid swagger-annotations-jakarta Highest Product jar package name io Highest Product jar package name oas Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.oas.annotations Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Product Manifest Bundle-Name swagger-annotations Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-annotations.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-annotations Low Product pom artifactid swagger-annotations-jakarta Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-annotations-jakarta High Product pom parent-artifactid swagger-project-jakarta Medium Version file version 2.2.20 High Version gradle version 2.2.20 Highest Version Manifest Bundle-Version 2.2.20 High Version Manifest implementation-version 2.2.20 High Version pom version 2.2.20 Highest
swagger-core-jakarta-2.2.19.jarDescription:
swagger-core License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-core-jakarta/2.2.19/1bbc09fba4c0ac2375da7563cb03dfd0f3e07100/swagger-core-jakarta-2.2.19.jar
MD5: bc140b02d298bd60acb4db24384a7ab7
SHA1: 1bbc09fba4c0ac2375da7563cb03dfd0f3e07100
SHA256: eaf161173a52057a7051fec567405bbff957c75ff184158f2981703b11d9afe3
Referenced In Projects/Scopes: opencdx-commons:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath swagger-core-jakarta-2.2.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name swagger-core-jakarta High Vendor gradle artifactid swagger-core-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name core Highest Vendor jar package name io Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.core Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-core Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-core.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-core Low Vendor pom artifactid swagger-core Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-core High Vendor pom parent-artifactid swagger-project Low Product file name swagger-core-jakarta High Product gradle artifactid swagger-core-jakarta Highest Product jar package name core Highest Product jar package name io Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.core Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-core Low Product Manifest Bundle-Name swagger-core Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-core.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-core Low Product pom artifactid swagger-core Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-core High Product pom parent-artifactid swagger-project Medium Version file version 2.2.19 High Version gradle version 2.2.19 Highest Version Manifest Bundle-Version 2.2.19 High Version Manifest implementation-version 2.2.19 High Version pom version 2.2.19 Highest
swagger-core-jakarta-2.2.20.jarDescription:
swagger-core-jakarta License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-core-jakarta/2.2.20/75fa4d4f4e760296450c4d7ed3970be040322b6b/swagger-core-jakarta-2.2.20.jar
MD5: 787755ca41d165a5d13bc2868493fce0
SHA1: 75fa4d4f4e760296450c4d7ed3970be040322b6b
SHA256: bba4479b206932e0aafc637af60d387c448a0d913311a7ca6d0c8bcbec91f9b7
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath swagger-core-jakarta-2.2.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name swagger-core-jakarta High Vendor gradle artifactid swagger-core-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name core Highest Vendor jar package name io Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.core Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-core Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-core.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-core Low Vendor pom artifactid swagger-core-jakarta Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-core-jakarta High Vendor pom parent-artifactid swagger-project-jakarta Low Product file name swagger-core-jakarta High Product gradle artifactid swagger-core-jakarta Highest Product jar package name core Highest Product jar package name io Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.core Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-core Low Product Manifest Bundle-Name swagger-core Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-core.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-core Low Product pom artifactid swagger-core-jakarta Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-core-jakarta High Product pom parent-artifactid swagger-project-jakarta Medium Version file version 2.2.20 High Version gradle version 2.2.20 Highest Version Manifest Bundle-Version 2.2.20 High Version Manifest implementation-version 2.2.20 High Version pom version 2.2.20 Highest
swagger-models-jakarta-2.2.19.jarDescription:
swagger-models License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-models-jakarta/2.2.19/72b8a8ba29654ba31d951311081c33d464cee138/swagger-models-jakarta-2.2.19.jar
MD5: c814aee17864e66fc6a21f26a5f07eb4
SHA1: 72b8a8ba29654ba31d951311081c33d464cee138
SHA256: 60885575302fe8a79bc4098bca56a93922a2b650c83bd97fe23536efb41aef1b
Referenced In Projects/Scopes: opencdx-commons:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-commons:compileClasspath swagger-models-jakarta-2.2.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 pkg:maven/io.swagger.core.v3/swagger-core-jakarta@2.2.19 Evidence Type Source Name Value Confidence Vendor file name swagger-models-jakarta High Vendor gradle artifactid swagger-models-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name io Highest Vendor jar package name oas Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.oas.models Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-models Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-models.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-models Low Vendor pom artifactid swagger-models Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-models High Vendor pom parent-artifactid swagger-project Low Product file name swagger-models-jakarta High Product gradle artifactid swagger-models-jakarta Highest Product jar package name io Highest Product jar package name oas Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.oas.models Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-models Low Product Manifest Bundle-Name swagger-models Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-models.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-models Low Product pom artifactid swagger-models Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-models High Product pom parent-artifactid swagger-project Medium Version file version 2.2.19 High Version gradle version 2.2.19 Highest Version Manifest Bundle-Version 2.2.19 High Version Manifest implementation-version 2.2.19 High Version pom version 2.2.19 Highest
swagger-models-jakarta-2.2.20.jarDescription:
swagger-models-jakarta License:
"Apache License 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.html" File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/io.swagger.core.v3/swagger-models-jakarta/2.2.20/238ef00ce61ef6dcf4a7ec4f005e97d14ece4b6a/swagger-models-jakarta-2.2.20.jar
MD5: f83edb32379af66be695bd63c984722c
SHA1: 238ef00ce61ef6dcf4a7ec4f005e97d14ece4b6a
SHA256: c9378184e4401e1552fde1114d42038fadeadc878d4327230bef00e3d458dffa
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath swagger-models-jakarta-2.2.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name swagger-models-jakarta High Vendor gradle artifactid swagger-models-jakarta Highest Vendor gradle groupid io.swagger.core.v3 Highest Vendor jar package name io Highest Vendor jar package name oas Highest Vendor jar package name swagger Highest Vendor jar package name v3 Highest Vendor Manifest automatic-module-name io.swagger.v3.oas.models Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Vendor Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-models Low Vendor Manifest bundle-symbolicname io.swagger.core.v3.swagger-models.jakarta Medium Vendor Manifest mode development Low Vendor Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-models Low Vendor pom artifactid swagger-models-jakarta Low Vendor pom groupid io.swagger.core.v3 Highest Vendor pom name swagger-models-jakarta High Vendor pom parent-artifactid swagger-project-jakarta Low Product file name swagger-models-jakarta High Product gradle artifactid swagger-models-jakarta Highest Product jar package name io Highest Product jar package name oas Highest Product jar package name swagger Highest Product jar package name v3 Highest Product Manifest automatic-module-name io.swagger.v3.oas.models Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-developers frantuma;email="frantuma@yahoo.com";name="Francesco Tumanischvili",fehguy;email="fehguy@gmail.com";name="Tony Tam",webron;email="webron@gmail.com";name="Ron Ratovsky" Low Product Manifest bundle-docurl https://github.com/swagger-api/swagger-core/modules/swagger-models Low Product Manifest Bundle-Name swagger-models Jakarta Medium Product Manifest bundle-symbolicname io.swagger.core.v3.swagger-models.jakarta Medium Product Manifest mode development Low Product Manifest url https://github.com/swagger-api/swagger-core/modules/swagger-models Low Product pom artifactid swagger-models-jakarta Highest Product pom groupid io.swagger.core.v3 Highest Product pom name swagger-models-jakarta High Product pom parent-artifactid swagger-project-jakarta Medium Version file version 2.2.20 High Version gradle version 2.2.20 Highest Version Manifest Bundle-Version 2.2.20 High Version Manifest implementation-version 2.2.20 High Version pom version 2.2.20 Highest
swagger-ui-5.11.8.jarDescription:
WebJar for Swagger UI License:
Apache 2.0: https://github.com/swagger-api/swagger-ui File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar
MD5: b4251b4dc62e9a461f1024ba13880e9d
SHA1: b1ec77da6f3dee23ce31835224af43cff8015b2f
SHA256: 624ee6b6275c681ce0071a69f43e0ccb467cd7117a018197cb0457fc2287420e
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath swagger-ui-5.11.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/org.springdoc/springdoc-openapi-starter-webmvc-ui@2.4.0 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name swagger-ui High Vendor gradle artifactid swagger-ui Highest Vendor gradle groupid org.webjars Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname org.webjars.swagger-ui Medium Vendor pom artifactid swagger-ui Low Vendor pom developer email james@jamesward.com Low Vendor pom developer id jamesward Medium Vendor pom developer name James Ward Medium Vendor pom groupid org.webjars Highest Vendor pom name Swagger UI High Vendor pom url http://webjars.org Highest Product file name swagger-ui High Product gradle artifactid swagger-ui Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name Swagger UI Medium Product Manifest bundle-symbolicname org.webjars.swagger-ui Medium Product pom artifactid swagger-ui Highest Product pom developer email james@jamesward.com Low Product pom developer id jamesward Low Product pom developer name James Ward Low Product pom groupid org.webjars Highest Product pom name Swagger UI High Product pom url http://webjars.org Medium Version file version 5.11.8 High Version gradle version 5.11.8 Highest Version Manifest Bundle-Version 5.11.8 High Version pom version 5.11.8 Highest
swagger-ui-5.11.8.jar: swagger-initializer.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-initializer.jsMD5: ff995915f51c051c59fed883f5d7be28SHA1: c434dd8fbfa625a10351681d3037ee79d5682207SHA256: a895034f24f12d7cd81ec47c98da4f15721d9d9a8d2405f22f21704821f81d02Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-initializer.js.gz: swagger-initializer.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-initializer.js.gz/swagger-initializer.js MD5: ff995915f51c051c59fed883f5d7be28 SHA1: c434dd8fbfa625a10351681d3037ee79d5682207 SHA256: a895034f24f12d7cd81ec47c98da4f15721d9d9a8d2405f22f21704821f81d02 swagger-ui-5.11.8.jar: swagger-ui-bundle.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-bundle.jsMD5: 0cf188bd983c9efb29e1e33089d99898SHA1: cf70bc82ef69e5dc180f1adb0bb4d5f69f448eddSHA256: 7c50ba87decbcce3440ba64f50212a4840737e01ac27f6523f78277b1531cbfdReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-ui-bundle.js.gz: swagger-ui-bundle.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-bundle.js.gz/swagger-ui-bundle.js MD5: 0cf188bd983c9efb29e1e33089d99898 SHA1: cf70bc82ef69e5dc180f1adb0bb4d5f69f448edd SHA256: 7c50ba87decbcce3440ba64f50212a4840737e01ac27f6523f78277b1531cbfd swagger-ui-5.11.8.jar: swagger-ui-es-bundle-core.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-es-bundle-core.jsMD5: 000d4263e0d2c8810ee54b3e66393863SHA1: edbef84e2d38d82c03829f391f1af114a4df0acbSHA256: af40efa6099dc4fb17e96265f803ee3f5ea4dc9b0d827e05d9d9bb9de1fa2710Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-ui-es-bundle-core.js.gz: swagger-ui-es-bundle-core.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-es-bundle-core.js.gz/swagger-ui-es-bundle-core.js MD5: 000d4263e0d2c8810ee54b3e66393863 SHA1: edbef84e2d38d82c03829f391f1af114a4df0acb SHA256: af40efa6099dc4fb17e96265f803ee3f5ea4dc9b0d827e05d9d9bb9de1fa2710 swagger-ui-5.11.8.jar: swagger-ui-es-bundle.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-es-bundle.jsMD5: 5c21a5a04beee8aa773c6c9ed796fcfaSHA1: c522926c94beea5e567eb52618cd366c1a0b3921SHA256: d28b4d39908a8f0c0e6e4b5c6f59f00f1ea1a47b19a4455594f213fd90e289ceReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-ui-es-bundle.js.gz: swagger-ui-es-bundle.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-es-bundle.js.gz/swagger-ui-es-bundle.js MD5: 5c21a5a04beee8aa773c6c9ed796fcfa SHA1: c522926c94beea5e567eb52618cd366c1a0b3921 SHA256: d28b4d39908a8f0c0e6e4b5c6f59f00f1ea1a47b19a4455594f213fd90e289ce swagger-ui-5.11.8.jar: swagger-ui-standalone-preset.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-standalone-preset.jsMD5: 789de7a58ec7baabacf5b2f9b17843b3SHA1: b4947f8f2ee850325eb7c2ed52d474ef2631338dSHA256: 2f63f1a71ce7a6c7bd7b93000090138c11f6a95448adb0dd966f57e2dd5f0655Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-ui-standalone-preset.js.gz: swagger-ui-standalone-preset.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui-standalone-preset.js.gz/swagger-ui-standalone-preset.js MD5: 789de7a58ec7baabacf5b2f9b17843b3 SHA1: b4947f8f2ee850325eb7c2ed52d474ef2631338d SHA256: 2f63f1a71ce7a6c7bd7b93000090138c11f6a95448adb0dd966f57e2dd5f0655 swagger-ui-5.11.8.jar: swagger-ui.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui.jsMD5: bb75c7dae8aa7a5e6cd1ca34df849c21SHA1: a5f9dda76fd2634de05400f0fb11550fced1fa3fSHA256: 4a451e0b87cfb5f22c28d5ddc2b77c2db7914ce026f8394242edea3e4c08cc3aReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence
Related Dependencies swagger-ui-5.11.8.jar: swagger-ui.js.gz: swagger-ui.jsFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.webjars/swagger-ui/5.11.8/b1ec77da6f3dee23ce31835224af43cff8015b2f/swagger-ui-5.11.8.jar/META-INF/resources/webjars/swagger-ui/5.11.8/swagger-ui.js.gz/swagger-ui.js MD5: bb75c7dae8aa7a5e6cd1ca34df849c21 SHA1: a5f9dda76fd2634de05400f0fb11550fced1fa3f SHA256: 4a451e0b87cfb5f22c28d5ddc2b77c2db7914ce026f8394242edea3e4c08cc3a tag-search-index.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/tag-search-index.jsMD5: 3b9788f1de5e1bbec9df06fda0924152SHA1: 83e636aa0e9d8f9706ddc10f0584219205959a52SHA256: 5e0a3223e0f12d7c10e6f93964c2584486a47a6c863b88817cb64dcf49b4eaa8Referenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
terms-1.37.0.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/dev.ikm.tinkar/terms/1.37.0/f7e6cf14b94eab07785bb378f9cc4797c2a15bf8/terms-1.37.0.jarMD5: f36b06ce7f55ecd140e5849ea6a080eaSHA1: f7e6cf14b94eab07785bb378f9cc4797c2a15bf8SHA256: c506945dc107ee3afd4b67445911d88558174e61e50350cf140f73f34828c66dReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath terms-1.37.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name terms High Vendor gradle artifactid terms Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name terms Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid terms Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name TINKAR Terms High Vendor pom parent-artifactid tinkar-core Low Product file name terms High Product gradle artifactid terms Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name terms Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid terms Highest Product pom groupid dev.ikm.tinkar Highest Product pom name TINKAR Terms High Product pom parent-artifactid tinkar-core Medium Version file version 1.37.0 High Version gradle version 1.37.0 Highest Version pom version 1.37.0 Highest
thymeleaf-3.1.2.RELEASE.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.thymeleaf/thymeleaf/3.1.2.RELEASE/273997509a4c7aef86cee0521750140c587d9be2/thymeleaf-3.1.2.RELEASE.jarMD5: 4a9b2210cb35b43fb0b8499e17b9c880SHA1: 273997509a4c7aef86cee0521750140c587d9be2SHA256: 2b3a714be2de349ccb60c65603ae5e8bd7060c7a4f8833485707671e9a862a24Referenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-communications:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-communications:compileClasspath thymeleaf-3.1.2.RELEASE.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 Evidence Type Source Name Value Confidence Vendor file name thymeleaf High Vendor gradle artifactid thymeleaf Highest Vendor gradle groupid org.thymeleaf Highest Vendor jar package name thymeleaf Highest Vendor jar package name thymeleaf Low Vendor Manifest automatic-module-name thymeleaf Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Thymeleaf High Vendor Manifest specification-vendor Thymeleaf Low Product file name thymeleaf High Product gradle artifactid thymeleaf Highest Product jar package name thymeleaf Highest Product Manifest automatic-module-name thymeleaf Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title thymeleaf High Product Manifest specification-title thymeleaf Medium Version file version 3.1.2.release High Version Manifest Implementation-Version 3.1.2.RELEASE High
thymeleaf-spring6-3.1.2.RELEASE.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.thymeleaf/thymeleaf-spring6/3.1.2.RELEASE/6030c7b4e260c41336f378e53da6e8531263f24b/thymeleaf-spring6-3.1.2.RELEASE.jarMD5: 8bd01554ec31619dda90fb3a8c7a0b02SHA1: 6030c7b4e260c41336f378e53da6e8531263f24bSHA256: 2d2dd31d1252d3777b521db6b371de986efabd2d5b15d51c5cad78b79cd7799cReferenced In Projects/Scopes:
opencdx-admin:compileClasspath opencdx-communications:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-communications:compileClasspath thymeleaf-spring6-3.1.2.RELEASE.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 Evidence Type Source Name Value Confidence Vendor file name thymeleaf-spring6 High Vendor gradle artifactid thymeleaf-spring6 Highest Vendor gradle groupid org.thymeleaf Highest Vendor jar package name spring6 Highest Vendor jar package name spring6 Low Vendor jar package name thymeleaf Highest Vendor jar package name thymeleaf Low Vendor Manifest automatic-module-name thymeleaf.spring6 Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor Thymeleaf High Vendor Manifest specification-vendor Thymeleaf Low Product file name thymeleaf-spring6 High Product gradle artifactid thymeleaf-spring6 Highest Product jar package name spring6 Highest Product jar package name spring6 Low Product jar package name thymeleaf Highest Product Manifest automatic-module-name thymeleaf.spring6 Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title thymeleaf-spring6 High Product Manifest specification-title thymeleaf-spring6 Medium Version file version 3.1.2.release High Version Manifest Implementation-Version 3.1.2.RELEASE High
tika-core-2.9.1.jarDescription:
This is the core Apache Tika™ toolkit library from which all other modules inherit functionality. It
also
includes the core facades for the Tika API.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.tika/tika-core/2.9.1/bfd572826e7023dd6ceeefe1b4d0f6d3d8eef507/tika-core-2.9.1.jar
MD5: 61f7f9773d81f318c6f754fcaa794169
SHA1: bfd572826e7023dd6ceeefe1b4d0f6d3d8eef507
SHA256: 1c5241991d9dcdcd74fea0a27600f31e8524a44c61a360e51564850367f96462
Referenced In Projects/Scopes: opencdx-classification-analyzer:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-classification:productionRuntimeClasspath opencdx-classification:compileClasspath opencdx-classification-analyzer:compileClasspath tika-core-2.9.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 Evidence Type Source Name Value Confidence Vendor file name tika-core High Vendor gradle artifactid tika-core Highest Vendor gradle groupid org.apache.tika Highest Vendor jar package name apache Highest Vendor jar package name tika Highest Vendor Manifest automatic-module-name org.apache.tika.core Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl https://tika.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.tika.core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid tika-core Low Vendor pom groupid org.apache.tika Highest Vendor pom name Apache Tika core High Vendor pom organization name The Apache Software Foundation High Vendor pom organization url http://www.apache.org Medium Vendor pom parent-artifactid tika-parent Low Vendor pom url https://tika.apache.org/ Highest Product file name tika-core High Product gradle artifactid tika-core Highest Product jar package name apache Highest Product jar package name tika Highest Product Manifest automatic-module-name org.apache.tika.core Medium Product Manifest build-jdk-spec 11 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl https://tika.apache.org/ Low Product Manifest Bundle-Name Apache Tika core Medium Product Manifest bundle-symbolicname org.apache.tika.core Medium Product Manifest Implementation-Title Apache Tika core High Product Manifest specification-title Apache Tika core Medium Product pom artifactid tika-core Highest Product pom groupid org.apache.tika Highest Product pom name Apache Tika core High Product pom organization name The Apache Software Foundation Low Product pom organization url http://www.apache.org Low Product pom parent-artifactid tika-parent Medium Product pom url https://tika.apache.org/ Medium Version file version 2.9.1 High Version gradle version 2.9.1 Highest Version Manifest Bundle-Version 2.9.1 High Version Manifest Implementation-Version 2.9.1 High Version pom version 2.9.1 Highest
tinkar-schema-1.26.0.jarFile Path: /Users/jeffmiller/.m2/repository/dev/ikm/tinkar/tinkar-schema/1.26.0/tinkar-schema-1.26.0.jarMD5: 6b18e039381e435741cc8f0f18dd1e13SHA1: db8fba516c476f893588c573b0cdd33d970b8c11SHA256: d003e9b3d16d27f674b1ad324f9db86f441a3f065de9cf69bea55a5c56aade2bReferenced In Projects/Scopes:
opencdx-tinkar:productionRuntimeClasspath opencdx-tinkar:compileClasspath opencdx-tinkar:runtimeClasspath tinkar-schema-1.26.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/entity-provider@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/coordinate@1.37.0 pkg:maven/dev.ikm.tinkar/entity@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 pkg:maven/dev.ikm.tinkar/data-spinedarray-provider@1.37.0 Evidence Type Source Name Value Confidence Vendor file name tinkar-schema High Vendor gradle artifactid tinkar-schema Highest Vendor gradle groupid dev.ikm.tinkar Highest Vendor jar package name dev Highest Vendor jar package name ikm Highest Vendor jar package name schema Highest Vendor jar package name tinkar Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid tinkar-schema Low Vendor pom groupid dev.ikm.tinkar Highest Vendor pom name Tinkar Schema: Java High Vendor pom parent-artifactid java-parent Low Vendor pom parent-groupid dev.ikm.build Medium Vendor pom url IKM/tinkar-proto Highest Product file name tinkar-schema High Product gradle artifactid tinkar-schema Highest Product jar package name dev Highest Product jar package name ikm Highest Product jar package name schema Highest Product jar package name tinkar Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid tinkar-schema Highest Product pom groupid dev.ikm.tinkar Highest Product pom name Tinkar Schema: Java High Product pom parent-artifactid java-parent Medium Product pom parent-groupid dev.ikm.build Medium Product pom url IKM/tinkar-proto High Version file version 1.26.0 High Version gradle version 1.26.0 Highest Version pom parent-version 1.26.0 Low Version pom version 1.26.0 Highest
tomcat-embed-core-10.1.19.jarLicense:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/10.1.19/3dbbca8acbd4dd6a137c3d6f934a2931512b42ce/tomcat-embed-core-10.1.19.jar
MD5: a8a4c0889dac535c81223b49980950e8
SHA1: 3dbbca8acbd4dd6a137c3d6f934a2931512b42ce
SHA256: ca35025eda35fbef0798ed4ae79d0fbfa11d0a7a4d82fffd3e1a2bfa34abddbe
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath tomcat-embed-core-10.1.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 Evidence Type Source Name Value Confidence Vendor file name tomcat-embed-core High Vendor gradle artifactid tomcat-embed-core Highest Vendor gradle groupid org.apache.tomcat.embed Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name core Highest Vendor jar package name tomcat Highest Vendor Manifest bundle-symbolicname org.apache.tomcat-embed-core Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest provide-capability osgi.contract;osgi.contract=JakartaAuthentication;version:Version="3.0";uses:="jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module",osgi.contract;osgi.contract=JakartaServlet;version:Version="6.0";uses:="jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources" Low Vendor Manifest specification-vendor Apache Software Foundation Low Vendor manifest: jakarta/security/auth/message/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/callback/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/config/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/module/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/annotation/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/descriptor/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/http/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/resources/ Implementation-Vendor Apache Software Foundation Medium Product file name tomcat-embed-core High Product gradle artifactid tomcat-embed-core Highest Product jar package name annotation Highest Product jar package name apache Highest Product jar package name auth Highest Product jar package name core Highest Product jar package name descriptor Highest Product jar package name http Highest Product jar package name jakarta Highest Product jar package name message Highest Product jar package name security Highest Product jar package name servlet Highest Product jar package name tomcat Highest Product Manifest Bundle-Name tomcat-embed-core Medium Product Manifest bundle-symbolicname org.apache.tomcat-embed-core Medium Product Manifest Implementation-Title Apache Tomcat High Product Manifest provide-capability osgi.contract;osgi.contract=JakartaAuthentication;version:Version="3.0";uses:="jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module",osgi.contract;osgi.contract=JakartaServlet;version:Version="6.0";uses:="jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources" Low Product Manifest specification-title Apache Tomcat Medium Product manifest: jakarta/security/auth/message/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/callback/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/callback/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/config/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/config/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/module/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/module/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/servlet/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/annotation/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/annotation/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/descriptor/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/descriptor/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/http/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/http/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/resources/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/resources/ Specification-Title Jakarta Servlet Medium Version file version 10.1.19 High Version Manifest Implementation-Version 10.1.19 High
tomcat-embed-el-10.1.19.jar tomcat-embed-websocket-10.1.19.jarLicense:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.19/adf4710fac2471236f8a466ca678cdf7e6a8257c/tomcat-embed-websocket-10.1.19.jar
MD5: 486cbc4d138fbde74e62041f8fb5cc5f
SHA1: adf4710fac2471236f8a466ca678cdf7e6a8257c
SHA256: c620bc4bbe425fb93c503cf4ba6106c21c8e2390d8b8b314523e4f3193074c67
Referenced In Projects/Scopes: opencdx-client:productionRuntimeClasspath opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-audit:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-classification-analyzer:productionRuntimeClasspath opencdx-client:compileClasspath opencdx-commons:runtimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-client:runtimeClasspath opencdx-classification-analyzer:runtimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-commons:compileClasspath opencdx-classification-analyzer:compileClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-helloworld:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-commons:productionRuntimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath tomcat-embed-websocket-10.1.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-classification-analyzer@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-config-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 pkg:maven/cdx.opencdx/opencdx-commons@0.1.20240501165702 pkg:maven/cdx.opencdx/opencdx-client@0.1.20240501165702 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.2.4 Evidence Type Source Name Value Confidence Vendor file name tomcat-embed-websocket High Vendor gradle artifactid tomcat-embed-websocket Highest Vendor gradle groupid org.apache.tomcat.embed Highest Vendor jar package name apache Highest Vendor jar package name apache Low Vendor jar package name tomcat Highest Vendor jar package name tomcat Low Vendor jar package name websocket Highest Vendor jar package name websocket Low Vendor Manifest bundle-symbolicname org.apache.tomcat-embed-websocket Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest provide-capability osgi.contract;osgi.contract=JakartaWebSocket;version:Version="2.1";uses:="jakarta.websocket,jakarta.websocket.server",osgi.service;objectClass:List="jakarta.websocket.ContainerProvider";effective:=active,osgi.service;objectClass:List="jakarta.websocket.server.ServerEndpointConfig$Configurator";effective:=active,osgi.serviceloader;osgi.serviceloader="jakarta.websocket.ContainerProvider";register:="org.apache.tomcat.websocket.WsContainerProvider",osgi.serviceloader;osgi.serviceloader="jakarta.websocket.server.ServerEndpointConfig$Configurator";register:="org.apache.tomcat.websocket.server.DefaultServerEndpointConfigurator" Low Vendor Manifest specification-vendor Apache Software Foundation Low Vendor manifest: jakarta/websocket/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/websocket/server/ Implementation-Vendor Apache Software Foundation Medium Product file name tomcat-embed-websocket High Product gradle artifactid tomcat-embed-websocket Highest Product jar package name apache Highest Product jar package name containerprovider Highest Product jar package name jakarta Highest Product jar package name server Highest Product jar package name serverendpointconfig Highest Product jar package name serverendpointconfig$configurator Highest Product jar package name tomcat Highest Product jar package name tomcat Low Product jar package name websocket Highest Product jar package name websocket Low Product jar package name wscontainerprovider Highest Product Manifest Bundle-Name tomcat-embed-websocket Medium Product Manifest bundle-symbolicname org.apache.tomcat-embed-websocket Medium Product Manifest Implementation-Title Apache Tomcat High Product Manifest provide-capability osgi.contract;osgi.contract=JakartaWebSocket;version:Version="2.1";uses:="jakarta.websocket,jakarta.websocket.server",osgi.service;objectClass:List="jakarta.websocket.ContainerProvider";effective:=active,osgi.service;objectClass:List="jakarta.websocket.server.ServerEndpointConfig$Configurator";effective:=active,osgi.serviceloader;osgi.serviceloader="jakarta.websocket.ContainerProvider";register:="org.apache.tomcat.websocket.WsContainerProvider",osgi.serviceloader;osgi.serviceloader="jakarta.websocket.server.ServerEndpointConfig$Configurator";register:="org.apache.tomcat.websocket.server.DefaultServerEndpointConfigurator" Low Product Manifest specification-title Apache Tomcat Medium Product manifest: jakarta/websocket/ Implementation-Title jakarta.websocket Medium Product manifest: jakarta/websocket/ Specification-Title Jakarta WebSocket Medium Product manifest: jakarta/websocket/server/ Implementation-Title jakarta.websocket Medium Product manifest: jakarta/websocket/server/ Specification-Title Jakarta WebSocket Medium Version file version 10.1.19 High Version Manifest Implementation-Version 10.1.19 High
txw2-4.0.5.jarDescription:
TXW is a library that allows you to write XML documents.
File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.glassfish.jaxb/txw2/4.0.5/f36a4ef12120a9bb06d766d6a0e54b144fd7ed98/txw2-4.0.5.jarMD5: 2f5aa7dbd5e326562cff6ce720a1485aSHA1: f36a4ef12120a9bb06d766d6a0e54b144fd7ed98SHA256: 917355bc451481f30d043b24d123110517966af34383901773882810dca480e5Referenced In Projects/Scopes:
opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath txw2-4.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name txw2 High Vendor gradle artifactid txw2 Highest Vendor gradle groupid org.glassfish.jaxb Highest Vendor jar package name sun Highest Vendor jar package name txw Highest Vendor jar package name txw2 Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest git-revision cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid txw2 Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name TXW2 Runtime High Vendor pom parent-artifactid jaxb-txw-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name txw2 High Product gradle artifactid txw2 Highest Product jar package name sun Highest Product jar package name txw Highest Product jar package name txw2 Highest Product jar package name xml Highest Product Manifest git-revision cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid txw2 Highest Product pom groupid org.glassfish.jaxb Highest Product pom name TXW2 Runtime High Product pom parent-artifactid jaxb-txw-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version gradle version 4.0.5 Highest Version Manifest build-version 4.0.5 Medium Version pom version 4.0.5 Highest
type-search-index.jsFile Path: /Users/jeffmiller/source/OpenCDX/opencdx-admin/src/main/resources/public/javadoc/type-search-index.jsMD5: 5e85a9f5a84ebb8cfb267bafce3657cfSHA1: 9a728dfd10769d9b68b77ffe30ac7c4459530707SHA256: 2891248374069f3f0b376de2c644cd411c3f8e5f7dc16ddfbf3c81f6a1ed801cReferenced In Project/Scope: opencdx-admin
Evidence Type Source Name Value Confidence
unbescape-1.1.6.RELEASE.jarDescription:
Advanced yet easy-to-use escape/unescape library for Java License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/org.unbescape/unbescape/1.1.6.RELEASE/7b90360afb2b860e09e8347112800d12c12b2a13/unbescape-1.1.6.RELEASE.jar
MD5: d95ed94e1624e307a1958ee105ccbf39
SHA1: 7b90360afb2b860e09e8347112800d12c12b2a13
SHA256: 597cf87d5b1a4f385b9d1cec974b7b483abb3ee85fc5b3f8b62af8e4bec95c2c
Referenced In Projects/Scopes: opencdx-admin:compileClasspath opencdx-communications:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-communications:productionRuntimeClasspath opencdx-admin:productionRuntimeClasspath opencdx-communications:compileClasspath unbescape-1.1.6.RELEASE.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 pkg:maven/de.codecentric/spring-boot-admin-starter-server@3.2.0 pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@3.2.4 Evidence Type Source Name Value Confidence Vendor file name unbescape High Vendor gradle artifactid unbescape Highest Vendor gradle groupid org.unbescape Highest Vendor jar package name unbescape Highest Vendor jar package name unbescape Low Vendor Manifest automatic-module-name unbescape Medium Vendor Manifest bundle-docurl http://www.unbescape.org Low Vendor Manifest bundle-symbolicname org.unbescape Medium Vendor Manifest implementation-url http://www.unbescape.org Low Vendor Manifest Implementation-Vendor The UNBESCAPE team High Vendor Manifest Implementation-Vendor-Id org.unbescape Medium Vendor Manifest specification-vendor The UNBESCAPE team Low Product file name unbescape High Product gradle artifactid unbescape Highest Product jar package name java Highest Product jar package name unbescape Highest Product Manifest automatic-module-name unbescape Medium Product Manifest bundle-docurl http://www.unbescape.org Low Product Manifest Bundle-Name unbescape Medium Product Manifest bundle-symbolicname org.unbescape Medium Product Manifest Implementation-Title unbescape High Product Manifest implementation-url http://www.unbescape.org Low Product Manifest specification-title unbescape Medium Version file version 1.1.6.release High Version Manifest Implementation-Version 1.1.6.RELEASE High
woodstox-core-6.2.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)Description:
Unknown version of isorelax library used in JAXB project File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.2.1/1600925b1ec7c7a3403c8f068ad62feead13132f/woodstox-core-6.2.1.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xmlMD5: 6fbb4bc95fbf2072bc6e3b790553fe81SHA1: 314ec72948d5c1fc71d553cbbd7a130caa6f9f13SHA256: cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid isorelax Low Vendor pom groupid com.sun.xml.bind.jaxb Highest Vendor pom name JAXB isorelax library High Vendor pom parent-artifactid jvnet-parent Low Vendor pom parent-groupid net.java Medium Product pom artifactid isorelax Highest Product pom groupid com.sun.xml.bind.jaxb Highest Product pom name JAXB isorelax library High Product pom parent-artifactid jvnet-parent Medium Product pom parent-groupid net.java Medium Version pom parent-version 20090621 Low Version pom version 20090621 Highest
Related Dependencies woodstox-core-6.5.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.5.1/c6e52e84fe959e69a243c83ec7d24cd889444ddf/woodstox-core-6.5.1.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xml MD5: 6fbb4bc95fbf2072bc6e3b790553fe81 SHA1: 314ec72948d5c1fc71d553cbbd7a130caa6f9f13 SHA256: cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1 pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621 woodstox-core-6.2.1.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)Description:
XML Schema datatypes library File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.2.1/1600925b1ec7c7a3403c8f068ad62feead13132f/woodstox-core-6.2.1.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xmlMD5: aaf872ed9d1aabee25e03c2a132ffd8eSHA1: 47f218a999411ed028f089d59ebef8f14e0fe914SHA256: d6e83c124436049d83238fc532a26c5d8ccd7e4ab10eba6d96043c850ac82f3cReferenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-discovery:productionRuntimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath Evidence Type Source Name Value Confidence Vendor pom artifactid xsdlib Low Vendor pom groupid net.java.dev.msv Highest Vendor pom name MSV XML Schema Library High Vendor pom parent-artifactid msv Low Product pom artifactid xsdlib Highest Product pom groupid net.java.dev.msv Highest Product pom name MSV XML Schema Library High Product pom parent-artifactid msv Medium Version pom version 2013.6.1 Highest
Related Dependencies woodstox-core-6.5.1.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.5.1/c6e52e84fe959e69a243c83ec7d24cd889444ddf/woodstox-core-6.5.1.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xml MD5: aaf872ed9d1aabee25e03c2a132ffd8e SHA1: 47f218a999411ed028f089d59ebef8f14e0fe914 SHA256: d6e83c124436049d83238fc532a26c5d8ccd7e4ab10eba6d96043c850ac82f3c pkg:maven/net.java.dev.msv/xsdlib@2013.6.1 woodstox-core-6.2.1.jarDescription:
Woodstox is a high-performance XML processor that implements Stax (JSR-173),
SAX2 and Stax2 APIs
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.2.1/1600925b1ec7c7a3403c8f068ad62feead13132f/woodstox-core-6.2.1.jar
MD5: b125f28b8c338952e5036347cefacaab
SHA1: 1600925b1ec7c7a3403c8f068ad62feead13132f
SHA256: de70d0f1e971b662f5b5bf138a467b671fd50b2dbf7dea5c1cc3b33ad7d5d06b
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath woodstox-core-6.2.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name woodstox-core High Vendor gradle artifactid woodstox-core Highest Vendor gradle groupid com.fasterxml.woodstox Highest Vendor jar package name stax Highest Vendor Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Vendor Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Vendor Manifest implementation-build-date 2020-05-14 04:23:34+0000 Low Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.woodstox Medium Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid woodstox-core Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id cowtowncoder Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid com.fasterxml.woodstox Highest Vendor pom name Woodstox High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom parent-artifactid oss-parent Low Vendor pom parent-groupid com.fasterxml Medium Vendor pom url FasterXML/woodstox Highest Product file name woodstox-core High Product gradle artifactid woodstox-core Highest Product jar package name stax Highest Product Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Product Manifest Bundle-Name Woodstox Medium Product Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Product Manifest implementation-build-date 2020-05-14 04:23:34+0000 Low Product Manifest Implementation-Title Woodstox High Product Manifest specification-title Woodstox Medium Product pom artifactid woodstox-core Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id cowtowncoder Low Product pom developer name Tatu Saloranta Low Product pom groupid com.fasterxml.woodstox Highest Product pom name Woodstox High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom url FasterXML/woodstox High Version file version 6.2.1 High Version gradle version 6.2.1 Highest Version Manifest Bundle-Version 6.2.1 High Version Manifest Implementation-Version 6.2.1 High Version pom parent-version 6.2.1 Low Version pom version 6.2.1 Highest
CVE-2022-40152 suppress
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
woodstox-core-6.5.1.jarDescription:
Woodstox is a high-performance XML processor that implements Stax (JSR-173),
SAX2 and Stax2 APIs
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.5.1/c6e52e84fe959e69a243c83ec7d24cd889444ddf/woodstox-core-6.5.1.jar
MD5: 961dd4b2afedf95293dfdd8adfc8f211
SHA1: c6e52e84fe959e69a243c83ec7d24cd889444ddf
SHA256: c928d60665c6415fb1c39775cf95cfc44f7f4580cf5ab01b1c380ebffd76887f
Referenced In Projects/Scopes: opencdx-discovery:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-discovery:runtimeClasspath woodstox-core-6.5.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.boot/spring-boot-starter-webflux@3.2.4 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 Evidence Type Source Name Value Confidence Vendor file name woodstox-core High Vendor gradle artifactid woodstox-core Highest Vendor gradle groupid com.fasterxml.woodstox Highest Vendor jar package name stax Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Vendor Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.woodstox Medium Vendor Manifest provide-capability osgi.service;objectClass:List="javax.xml.stream.XMLEventFactory";effective:=active,osgi.service;objectClass:List="javax.xml.stream.XMLInputFactory";effective:=active,osgi.service;objectClass:List="javax.xml.stream.XMLOutputFactory";effective:=active,osgi.service;objectClass:List="org.codehaus.stax2.validation.XMLValidationSchemaFactory";effective:=active,osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLEventFactory";register:="com.ctc.wstx.stax.WstxEventFactory",osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLInputFactory";register:="com.ctc.wstx.stax.WstxInputFactory",osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLOutputFactory";register:="com.ctc.wstx.stax.WstxOutputFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.dtd.DTDSchemaFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.msv.RelaxNGSchemaFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.msv.W3CSchemaFactory" Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid woodstox-core Low Vendor pom developer email tatu@fasterxml.com Low Vendor pom developer id cowtowncoder Medium Vendor pom developer name Tatu Saloranta Medium Vendor pom groupid com.fasterxml.woodstox Highest Vendor pom name Woodstox High Vendor pom organization name FasterXML High Vendor pom organization url http://fasterxml.com Medium Vendor pom parent-artifactid oss-parent Low Vendor pom parent-groupid com.fasterxml Medium Vendor pom url FasterXML/woodstox Highest Product file name woodstox-core High Product gradle artifactid woodstox-core Highest Product jar package name dtd Highest Product jar package name dtdschemafactory Highest Product jar package name msv Highest Product jar package name osgi Highest Product jar package name relaxngschemafactory Highest Product jar package name stax Highest Product jar package name w3cschemafactory Highest Product jar package name wstx Highest Product jar package name wstxeventfactory Highest Product jar package name wstxinputfactory Highest Product jar package name wstxoutputfactory Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Product Manifest Bundle-Name Woodstox Medium Product Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Product Manifest Implementation-Title Woodstox High Product Manifest provide-capability osgi.service;objectClass:List="javax.xml.stream.XMLEventFactory";effective:=active,osgi.service;objectClass:List="javax.xml.stream.XMLInputFactory";effective:=active,osgi.service;objectClass:List="javax.xml.stream.XMLOutputFactory";effective:=active,osgi.service;objectClass:List="org.codehaus.stax2.validation.XMLValidationSchemaFactory";effective:=active,osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLEventFactory";register:="com.ctc.wstx.stax.WstxEventFactory",osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLInputFactory";register:="com.ctc.wstx.stax.WstxInputFactory",osgi.serviceloader;osgi.serviceloader="javax.xml.stream.XMLOutputFactory";register:="com.ctc.wstx.stax.WstxOutputFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.dtd.DTDSchemaFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.msv.RelaxNGSchemaFactory",osgi.serviceloader;osgi.serviceloader="org.codehaus.stax2.validation.XMLValidationSchemaFactory";register:="com.ctc.wstx.msv.W3CSchemaFactory" Low Product Manifest specification-title Woodstox Medium Product pom artifactid woodstox-core Highest Product pom developer email tatu@fasterxml.com Low Product pom developer id cowtowncoder Low Product pom developer name Tatu Saloranta Low Product pom groupid com.fasterxml.woodstox Highest Product pom name Woodstox High Product pom organization name FasterXML Low Product pom organization url http://fasterxml.com Low Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom url FasterXML/woodstox High Version file version 6.5.1 High Version gradle version 6.5.1 Highest Version Manifest Bundle-Version 6.5.1 High Version Manifest Implementation-Version 6.5.1 High Version pom parent-version 6.5.1 Low Version pom version 6.5.1 Highest
xmlpull-1.1.3.1.jarFile Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/xmlpull/xmlpull/1.1.3.1/2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa/xmlpull-1.1.3.1.jarMD5: cc57dacc720eca721a50e78934b822d2SHA1: 2b8e230d2ab644e4ecaa94db7cdedbc40c805dfaSHA256: 34e08ee62116071cbb69c0ed70d15a7a5b208d62798c59f2120bb8929324cb63Referenced In Projects/Scopes:
opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath xmlpull-1.1.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name xmlpull High Vendor gradle artifactid xmlpull Highest Vendor gradle groupid xmlpull Highest Vendor jar package name v1 Low Vendor jar package name xmlpull Low Product file name xmlpull High Product gradle artifactid xmlpull Highest Product jar package name v1 Low Version file name xmlpull Medium Version file version 1.1.3.1 High Version gradle version 1.1.3.1 Highest
xmlunit-core-2.9.1.jar xstream-1.4.19.jarDescription:
XStream is a serialization library from Java objects to XML and back. License:
BSD-3-Clause File Path: /Users/jeffmiller/.gradle/caches/modules-2/files-2.1/com.thoughtworks.xstream/xstream/1.4.19/e0e581d812aa92ae12f07234f3398e06af74b112/xstream-1.4.19.jar
MD5: eb850b8fe0405670938f7e899ed8630f
SHA1: e0e581d812aa92ae12f07234f3398e06af74b112
SHA256: c9ac93527942189ae89fc9120676358f11ea8f713c635a9f2c70063fe6716634
Referenced In Projects/Scopes: opencdx-audit:compileClasspath opencdx-tinkar:productionRuntimeClasspath opencdx-classification:runtimeClasspath opencdx-tinkar:runtimeClasspath opencdx-questionnaire:productionRuntimeClasspath opencdx-media:compileClasspath opencdx-config:runtimeClasspath opencdx-questionnaire:compileClasspath opencdx-admin:productionRuntimeClasspath opencdx-audit:runtimeClasspath opencdx-gateway:runtimeClasspath opencdx-helloworld:compileClasspath opencdx-gateway:productionRuntimeClasspath opencdx-communications:runtimeClasspath opencdx-media:productionRuntimeClasspath opencdx-communications:compileClasspath opencdx-config:productionRuntimeClasspath opencdx-discovery:compileClasspath opencdx-iam:productionRuntimeClasspath opencdx-health:productionRuntimeClasspath opencdx-helloworld:productionRuntimeClasspath opencdx-logistics:compileClasspath opencdx-classification:productionRuntimeClasspath opencdx-logistics:productionRuntimeClasspath opencdx-logistics:runtimeClasspath opencdx-questionnaire:runtimeClasspath opencdx-media:runtimeClasspath opencdx-admin:compileClasspath opencdx-audit:productionRuntimeClasspath opencdx-config:compileClasspath opencdx-health:compileClasspath opencdx-tinkar:compileClasspath opencdx-discovery:productionRuntimeClasspath opencdx-gateway:compileClasspath opencdx-helloworld:runtimeClasspath opencdx-admin:runtimeClasspath opencdx-iam:compileClasspath opencdx-communications:productionRuntimeClasspath opencdx-health:runtimeClasspath opencdx-discovery:runtimeClasspath opencdx-iam:runtimeClasspath opencdx-classification:compileClasspath xstream-1.4.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-server@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 pkg:maven/org.springframework.cloud/spring-cloud-starter-netflix-eureka-client@4.1.0 Evidence Type Source Name Value Confidence Vendor file name xstream High Vendor gradle artifactid xstream Highest Vendor gradle groupid com.thoughtworks.xstream Highest Vendor jar package name core Highest Vendor jar package name thoughtworks Highest Vendor jar package name xstream Highest Vendor Manifest bundle-docurl http://x-stream.github.io Low Vendor Manifest bundle-symbolicname xstream Medium Vendor Manifest Implementation-Vendor XStream High Vendor Manifest Implementation-Vendor-Id com.thoughtworks.xstream Medium Vendor Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Vendor Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Vendor Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Vendor Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Vendor Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Vendor Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Vendor Manifest specification-vendor XStream Low Vendor Manifest x-build-os Linux Low Vendor Manifest x-build-time 2022-01-29T16:47:16Z Low Vendor Manifest x-builder Maven 3.8.3 Low Vendor Manifest x-compile-source 1.4 Low Vendor Manifest x-compile-target 1.4 Low Vendor pom artifactid xstream Low Vendor pom groupid com.thoughtworks.xstream Highest Vendor pom name XStream Core High Vendor pom parent-artifactid xstream-parent Low Product file name xstream High Product gradle artifactid xstream Highest Product jar package name core Highest Product jar package name io Highest Product jar package name thoughtworks Highest Product jar package name xml Highest Product jar package name xstream Highest Product Manifest bundle-docurl http://x-stream.github.io Low Product Manifest Bundle-Name XStream Core Medium Product Manifest bundle-symbolicname xstream Medium Product Manifest Implementation-Title XStream Core High Product Manifest java_1_4_home /opt/blackdown-jdk-1.4.2.03 Low Product Manifest java_1_5_home /opt/sun-jdk-1.5.0.22 Low Product Manifest java_1_6_home /opt/sun-jdk-1.6.0.45 Low Product Manifest java_1_7_home /opt/oracle-jdk-bin-1.7.0.80 Low Product Manifest java_1_8_home /opt/oracle-jdk-bin-1.8.0.202 Low Product Manifest java_9_home /opt/oracle-jdk-bin-9.0.4 Low Product Manifest specification-title XStream Core Medium Product Manifest x-build-os Linux Low Product Manifest x-build-time 2022-01-29T16:47:16Z Low Product Manifest x-builder Maven 3.8.3 Low Product Manifest x-compile-source 1.4 Low Product Manifest x-compile-target 1.4 Low Product pom artifactid xstream Highest Product pom groupid com.thoughtworks.xstream Highest Product pom name XStream Core High Product pom parent-artifactid xstream-parent Medium Version file version 1.4.19 High Version gradle version 1.4.19 Highest Version Manifest Bundle-Version 1.4.19 High Version Manifest Implementation-Version 1.4.19 High Version pom version 1.4.19 Highest
CVE-2022-40151 suppress
Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2022-40152 suppress
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
CVE-2022-41966 suppress
XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. CWE-502 Deserialization of Untrusted Data, CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), CWE-121 Stack-based Buffer Overflow, CWE-674 Uncontrolled Recursion
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
zipkin-2.23.2.jar zipkin-reporter-2.16.3.jar zipkin-reporter-brave-2.16.3.jarSuppressed Vulnerabilities jackson-databind-2.15.4.jar